Secure  switching  Enterasys  this  week  is  adding 

security  controls  to  its  LAN  switches.  PAGE  8. 


End  u.  an  C  II  ar  The  Comdex  trade  show  -  a  computer 
industry  and  Las  Vegas  institution  -  craps  out  PAGE  8. 
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shake  up  network  device  market 

BY  BOB  BROWN 

^  _  The  winner  of  Network  World’s  inau¬ 

gural  “Who  Wants  to  be  an  Entre¬ 
preneur?"  contest  says  if  all  goes 
well  his  idea  could  lead  to 
routers  and  other  network  devices 
costing  much  less  and  coming  in 
smaller  sizes. 

See  Contest  page  16 
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Taking  the  mess  out  of 
instant  messaging: 

Managers  need  to  gain  control  over  corporate  IM.  Page  33 

Akonix's  L7  Enterprise  wins  our  test  of  four  IM  products. 
Page  36 
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RBOCs  bankrolling 
advanced  services 


■  BY  JIM  DUFFY 

CHICAGO  —  At  the  Super- 
Comm  2004  conference  last 
week  officials  from  Verizon,  SBC 
and  BellSouth  outlined  in¬ 
vestments  they  hope  will  help 
them  unseat  the  interexchange 
carriers  as  primary  suppliers  of 
data  services. 

Among  the  more  significant  dis¬ 
closures  were  vows  by  SBC  and 
Sprint  to  spend  $7  billion  or  more 
per  year  on  fiber  buildouts. 

But  the  Bells  are  willing  to  in¬ 
vest  in  whatever  it  takes  to  get 
ahead,  including  new  alternative 


technologies. 

“Were  now  as  likely  to  talk 
about  Wi-Fi  and  VoIP  as  we  are 
about  ATM  and  frame  [relay],” 
said  Barry  Allen,  executive  vice 
president  of  operations  at  Qwest, 
during  a  keynote  address. 

Include  Ethernet  on  that  list. 
Qwest  has  sold  “a  lot”  of  Ethernet 
services  to  its  enterprise  cus¬ 
tomers  but  also  has  had  to  turn 
some  away  because  it  would  re¬ 
quire  an  expensive  fiber  run  to 


the  building, said  CTO  Balan  Nair. 

So  Qwest  is  testing  IEEE  802.3ah 
Ethernet  over  copper  equipment 
to  offer  Ethernet  access  services 
to  these  fiber-deprived  cus¬ 
tomers.  Qwest  has  found  that 
these  Ethernet  in  the  First  Mile- 
compliant  products  offer  20M  to 
30M  bit/sec  services  on  three- 
mile  G.SHDSL  loops  when  cop¬ 
per  pairs  are  bonded  together. 

“It  expands  the  suite  of  access 
[services]  ”  Nair  said. 

Qwest  also  has  asymmetrical 
DSL2+  cards  in  its  laboratories 
and  could  roll  out  the  higher- 
See  SuperComm,  page  12 


A  Wider  Net 


Earthquakes,  fire  and  lightning: 
Must  be  a  NEBS  test 

Taking  a  switch  around 
back,  shotgun  in  hand. 


■  BY  BOB  BROWN 


The  blue  and  gray  chamber  looks 
harmless  enough.  Narrow  windows 
embedded  in  12-foot-wide,  18-foot- 
high  walls  tempt  visitors  to  peer  in  at  bare 
cement  blocks,  a  bright  yellow  video  cam¬ 
era  and  a  shiny  metal  apparatus  that  looks 
like  a  flute.Then  you  step  in  and  take  a 
whiff. 

“Pretty  strong,  huh?”  says  Clayton  Forbes, 
senior  project  engineer  at  National  Tech¬ 
nical  Systems  (NTS)  in  Boxborough,  Mass. 
“That’s  from  the  units  that  didn’t  make  it. 

See  NEBS,  page  14 
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Meet  the  IBM  eServer™  i5  system  —  designed  to  simplify  your  infrastructure.  It’s  the  first  IBM  server  with  POWER5™ 
technology.  And  the  latest  member  of  the  IBM  eServer  iSeries™  family.  What’s  more,  it  can  simultaneously  run  four 
operating  systems,  dynamically  allocating  resources  needed  for  each  application  and  operating  system!  On  demand. 
iSeries  technology  can  also  help  reduce  the  number  of  servers  you  manage  by  as  much  as  85%.  We  invite  you  to 
learn  more  about  how  to  make  your  business  more  efficient.  Just  visit  ibm.com/eserver/consolidate 


5  reasons  why  IBM  eServer  i5  systems  with  Power  Architecture ™  technology  can  simplify  your  infrastructure. 


Runs  four  operating 

Advanced  virtualization 

Capacity  on  demand. 

POWERS  processor- 

Integrated  for  easy 

systems  simultaneously. 

technologies. 

based  64-bit  technology 

management. 

@  server* 
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The  IBM  eServer  i5  system. 
Consolidate.  Integrate.  Celebrate. 


IXA  or  IXS  required  to  run  Windows.  Customers  must  license  O/Ss  separately.  IBM,  the  e-business  logo.  eServer,  the  eServer  logo.  iSeries,  Power  Architecture  and  POWER5  are  trademarks 
or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Windows  is  a  trademark  of  Microsoft  Corporation  in  the  United  States, 
other  countries,  or  both  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2004  IBM  Corporation.  All  rights  reserved. 
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Don’t  get  burned  by  Instant  Messaging. 


The  dangers  of  IM  are  glaring  —  unmanaged  IM  attachments  will  lead  to  security  hazards.  Shield  yourself  with  Websense  Enterprise' 
By  managing  IM  usage  as  well  as  file  attachments,  Websense  helps  you  keep  the  productivity  benefits  of  IM,  while  eliminating  the 
liabilities.  It’s  the  kind  of  intelligent  IT  protection  you  need. 

For  more  information  and  a  free  white  paper  on  managing  —  ""  ^ 

instant  messaging,  please  visit  www.websense.com/IM. 


€>2004.  Websense  liu  All  rights  reserved.  Websense  and  Websense  Enterprise  are  registered  trademarks  of  Websense,  Inc.  in  the  United 
States  and  certain  international  markets.  Websense  has  numerous  other  unregistered  trademarks  in  the  United  States  and  internationally. 
All  other  trademarks  are  the  property  of  their  respective  owners. 
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Taking  the  mess  out  of 

instant  messaging 

Like  it  or  not,  instant  messaging  has  become  a  valid  form  of  communication  within  corporations. 

The  challenge  is  to  control  IM  to  make  sure  it  doesn’t  hurt  your  company.  Network  World  has  you  covered, 
with  test  results  and  more  options  on  finding  tools  that  can  help  out.  Starts  on  Page  33. 

The  benefits  and  security  risks  of  IM.  Pages  33, 34. 

Pius,  L7  Enterprise  from  Akonix  wins  our  test  of  four  IM  products.  Page  36. 
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)  Exclusive 

Network  World  Fusion  Radio:  Security 
challenges 

This  week  Merike  Kaeo,  author  of  Designing  Network  Security,  Second 
Edition,  joins  us  to  discuss  some  of  the  security  challenges  network 
administrators  are  facing. 

DocFinder:  2635 


i  Columnists 

Wireless  Wizards 

What  is  the  next  wireless  security  surprise? 

The  Wizards  answer  a  reader  who  asks:  "Everyone  says  the 
security  problem  is  solved.  I  don’t  disagree,  but  security  being 
what  it  is,  where  should  we  watch  for  the  next  surprise?" 

DocFinder:  2639 


Drill  into  convergence 

We’ve  set  up  new  research  centers  with  the  latest  news  on  converged 
services,  VoIP  security,  and  convergence-related  standards  and  regulatory 
action.  Find  the  links  on  the  right  side  of  our  main  Convergence  page. 

DocFinder:  2636 


Telework  Beat 

Exposing  the  hidden  workforce 

Net.Worker  Managing  Editor  Toni  Kistner  looks  at  the  Hidden 
Tech  organization,  which  says  independent  professionais  are 
changing  the  residential  landscape.  DocFinder:  2640 


Buyer’s  Guide:  Network  configuration 
management 

Our  configuration  management  Buyer’s  Guide  provides  the  latest  product 
specs  on  configuration  management  products. 

DocFinder:  2637 


Small  Business  Tech 

Mystery  printing  and  the  price  of  pizza 
Columnist  James  Gaskin's  back  from  his  swing  on  the  Remote 
Office  Networking  Tour  and  sums  up  attendees'  concerns  — 
security.  DocFinder:  2641 


Seminars  and  events 

— 

Weekly  Webcast  Newsletter 

The  weekly  Webcast  Newsletter  brings  you  information  on  Webcasts  avail¬ 
able  on  Network  World  Fusion  —  your  24-7  source  for  the  latest  solu¬ 
tions  and  strategies,  complete  with  links,  resources  and  personal  answers 
you  need.  Covering  vital  topics  such  as  security,  applications  and  wireless, 
our  Webcasts  are  highly  focused,  single-topic  briefings  from  experts  in 
technology.  Sign  up  today.  DocFinder:  2542 


Home  Base 

Come  fire-walk  with  me 

Columnist  Steve  fielder  outlines  ways  home-based  business- 
people  can  motivate  their  virtual  teams  DocFinder:  2642 


Breaking  News 

Go  online  for  breaking  news  every  day.  DocFinder:  6342 
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What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and  resources 
online.  Simply  enter  the  four-digit  DocFinder  number  in 
the  search  box  on  the  home  page,  and  you’ll  jump 
directly  to  the  requested  information. 
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■  Th  Good  BadTheUgly 


New  hacker  attack  targets  IIS 

■  Security  experts  last  week  blamed  a  Russian  hacker  group  for  an 
attack  designed  to  infiltrate  a  wide  number  of  Web  sites  based  on 
Microsoft’s  Internet  Information  ServerVersion  5.The  attack  is  based 
on  breaking  into  unpatched  Web  servers,  then  uploading  a  small 
file  with  JavaScript  “JS.Scob.Trojan”  to  alter  the  server’s  configura¬ 
tion,  SANS  Institute  says.  When  users  visit  an  infected  site,  the 
JavaScript  instructs  the  user’s  browser  to  download  executable 
code  from  a  Russian  Web  site.The  code  includes  keystroke  loggers, 
proxy  servers  and  other  back  doors.The  attack  appears  to  be  aimed 
at  capturing  the  victim’s  personal  data.  It  exploits  a  new  vulnerabil¬ 
ity  uncovered  in  Internet  Explorer.  As  of  early  Friday  there  was  no 
patch  from  Microsoft,  which  issued  a  bulletin  saying  customers 
who  have  deployed  Windows  XP  Service  Pack  2  RC2  are  not  at  risk. 
Microsoft  also  said  Web  servers  running  Windows  2000  Server  and 
IIS  that  have  not  applied  update  835732  “are  possibly  being  com¬ 
promised.”  Experts  say  the  group  responsible  could  choose  to 
cause  damage  in  compromised  machines  by  deleting  files  or 
launching  distributed  denial-of-service  attacks.  The  Microsoft  bul¬ 
letin  is  available  at  www.nwfusion.com,  DocFinder:  2649. 

E-mail  authentication  spec  advances 

■  Microsoft  has  submitted  a  draft  technical  specification  of  the  e-mail  authentication 
system  Sender  ID  to  the  IETF  for  consideration  as  a  standard.  Sender  ID  combines 
Microsoft’s  Caller  ID  for  E-mail  (which  was  submitted  to  the  IETF  for  consideration  in 
May)  with  Sender  Policy  Framework, authored  by  MengWeng  Wong, CTO  at  Pobox.com, 
a  provider  of  subscription-based  e-mail  forwarding  and  mailing  list  services.  Sender  ID 
maintains  lists  of  IP  addresses  from  which  sent  e-mail  can  be  traced  and  if  adopted  as 
a  standard, could  provide  a  way  to  close  loopholes  that  let  e-mail  senders  spoof  the  ori¬ 
gin  of  their  message. 

Network  Associates  denies  Microsoft  talks 

M  A  published  report  from  CRN  last  week  said  Network  Associates  will  be  put  up  for  sale 
and  that  Microsoft  is  rumored  to  be  the  buyer. The  story  cited  unnamed  sources  on  Wall 
Sheet  and  Network  Associates’  channel  partners.  However,  Network  Associates  emphati¬ 
cally  denied  the  story, saying  there  are  no  plans  to  put  the  company  up  for  sale,  nor  is  it  in 
discussions  with  Microsoft  or  any  other  company  on  that  score.  Network  Associates  is  in 
the  process  of  selling  its  Sniffer  division  to  Silver  Lake  Partners  and  Texas  Pacific  Group. 

COMPENDIUM 

Spam  rap 

Get  your  Flash  client  ready  and  your  sound  turned  up  and  then  go  to  U  Got  Spam 
(www.ugotspam.com)  for  the  best  (only?)  spam  rap  video  ever. 

You’ll  get  plenty  of  stuff  you  have  to  see  every  day,  even  Monday,  in 
Compendium,  www.nwfusion.com,  DocFinder:  1243. 


Spammers  and  slammers. 

An  AOL  employee  was  arrested  last  week  for  allegedly  stealing  a  list  of 
92  million  customer  screen  names  from  the  service  provider  and  selling  it  to 
another  person  who,  in  turn,  sold  it  to  spammers.  He  also  was  arrested,  according 
to  news  reports.  We’re  sure  the  IT  community  could  think  of  some  creative  punishment 
for  this  pair,  if  proven  guilty. 


eniac 


Computer  creator  dies. 

Mathematician  Herman  Heine  Goldstine, 
who  played  a  big  role  in  developing 
the  first  computer,  has  died  at  age  90. 
Goldstine  is  said  to  have  helped  persuade 
the  U.S.  military  to  back  creation  of  the 
groundbreaking  Electronic  Numerical 
Integrator  and  Computer  (ENIAC)  project 
in  the  1940s.  > 


Courtroom  drama.  While  tech  company 
courtroom  battles  can  be  a  snooze,  the  Department 
of  Justice’s  anti-trust  trial  against  Oracle  is  proving 
anything  but  that.  Not  only  has  the  action  provided 
a  view  into  the  drastic  discounting  taking  place  in  the 
software  market,  but  it  was  also  disclosed  last  week 
in  a  videotaped  deposition  by  CEO  Larry  Ellison 
that  next  on  Oracle’s  wish  list  after  PeopleSoft  flf 
are  Siebel  Systems  and  BEA  Systems.  ^ 


Wireless  vendor  slaps  Cisco  with  patent  suit 

■  A  small  Canadian  broadband  wireless  vendor  has  filed  a  lawsuit  in  Canada 
against  network  behemoth  Cisco.  Wi-LAN,  of  Calgary,  Alberta,  holds  several  key 
patents  on  a  radio  modulation  technique  called  orthogonal  frequency  division  mul¬ 
tiplexing.  The  vendor  says  this  technology  is  the  basis  for  802.1  la  and  802.1  lg  wire¬ 
less  LAN  products  and  that  Cisco  needs  a  license  from  Wi-LAN  to  keep  selling  its 
Aironet  and  Linksys  equipment.  Cisco  issued  a  terse  statement: “Wi-LAN  claims  that 
its  patents  are  related  to  industry  standards  and  appears  to  be  applying  the  patents 
to  the  Wi-Fi  industry  as  a  whole.  We  will  respond  as  appropriate  after  reviewing  the 
claims.” 

Intel  joins  AMD  with  64-bit  extensions 

■  Intel  this  week  is  expected  to  take  the  wraps  off  its  first  32-bit  chip  with  64-bit  exten¬ 
sion  technology  giving  customers  an  alternative  to  Advanced  Micro  Devices’  Opteron. 
Until  now,  Opteron,  unveiled  about  a  year  ago,  has  been  the  only  x86  chip  capable  of 
running  32-  and  64-bit  applications.  Analysts  say  the  success  of  Opteron,  which  is  found 
in  systems  from  HR  IBM  and  Sun,  helped  spur  Intel  to  accelerate  release  of  its  own  64- 
bit  extension  technology  for  its  Xeon  processors.  In  February,  Intel  announced  that  it 
would  64-bit-enable  its  Xeon  chips  by  midyear.  The  company  stands  to  meet  that  goal 
Monday  when  it  is  expected  to  roll  out  Nocona,  which  will  enable  dual-processor  Xeon 
systems  to  run  both  32-  and  64-bit  applications. 

Citing  ruling,  AT&T  pulls  plug  in  seven  states 

■  AT&T  last  week  announced  it  will  no  longer  compete  for  traditional  local  and  long¬ 
distance  voice  customers  in  seven  states:  Arkansas,  Louisiana,  Missouri, New  Hampshire, 
Ohio, Tennessee  and  Washington. The  carrier  says  it  will  continue  to  support  its  current 
customers  in  these  states.  AT&T  also  says  it  will  continue  to  offer  business  services  in  all 
of  these  markets.  It  will  continue  to  offer  its  consumer  AT&T  CallVantage  VoIP  service, 
which  uses  DSL  and  cable  modem  Internet  access  lines.  AT&T  says  the  government’s 
decision  earlier  this  month  will  let  RBOCs  raise  local  access  line  wholesale  rates  and 
essentially  forced  the  carrier  out  of  these  markets.  AT&T  says  the  RBOCs  have  the  abili¬ 
ty  to  raise  rates  as  early  as  November  and  it  is  reviewing  its  long-term  plans  to  offer  res¬ 
idential  services  in  the  remaining  39  markets  where  it  does  so  today.  MCI  and  Sprint, 
which  also  face  the  same  risk  of  rate  hikes  as  AT&T,  have  not  said  they  are  pulling  out  of 
any  of  the  markets  where  either  offers  consumer  services. 


CONSIDER  YOUR  NATIONAL 
DEALER  NETWORK. 

Consider  the  dots  connected. 


Now  we  can  design,  deliver  and  manage  a  data 
integration  system  that  brings  it  all  together. 
Converge  every  kind  of  business  network  -  dealers, 
brokers,  suppliers,  customers  -  across  platforms, 
across^America.  All  on  the  strong,  reliable  backbone 
of  the  SBC  network.  To  connect  the  dots  coast  to 
coast,  talk  to  your  SBC  account  representative. 
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Enterasys  delivers  switch-based  security 


■  BY  PHIL  HOCHMUTH 

Enterasys  Networks  this  week  is 
scheduled  to  announce  capabili¬ 
ties  on  its  LAN  edge  switches  that 
will  let  administrators  effectively 
cut  off  virus-infected  or  virus-vul¬ 
nerable  machines  trying  to  ac¬ 
cess  corporate  resources. 

The  vendors  Trusted  End-Sys¬ 
tem  Solution  (TES)  technology 
combines  Enterasys  hardware 
with  client-  and  server-based  end¬ 
point  assessment  software  from 
Zone  Labs  and  Sygate  to  let  each 
switched  Ethernet  port  act  as  a 
security  gateway  into  an  enter¬ 
prise  network. 

TES  works  with  Zone  Labs’ 
Integrity  products  and  Sygate’s 
Secure  Enterprise  software  suite, 
in  conjunction  with  Enterasys 
Matrix  C-,  E-  and  N-series  and 


wiring  closet  switches.  This  sys¬ 
tem  also  is  tied  closely  to  Enter¬ 
asys’  Netsight  Atlas  Policy  Man¬ 
ager,  which  is  a  server-based  net¬ 
work  policy  management  suite 
used  to  set  up  network  profiles 
and  policies  for  end  users  and  to 
define  what  resources  they  can 
access. 

Enterasys  earlier  this  year  an¬ 
nounced  the  ability  for  its  Policy 
Manager  to  enforce  access  rules 
on  switches,  based  on  alerts  from 
the  vendor’s  Dragon  intrusion- 
detection  system  (IDS)  products. 

TES  comes  on  the  heels  of 
Cisco’s  announcement  of  router- 
based  support  for  its  Network 
Admission  Control  (NAC)  tech¬ 
nology  which  uses  client  anti¬ 
virus  software  partner  products  to 
help  enforce  remote  network 
See  Enterasys,  page  12 
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Port-level  security 


Enterasys  can  work  with  client  assessment  software  from  Zone  Labs  and  Sygate  to 
inspect  end-user  machines  for  potential  threats  before  assigning  network  policies  and 
allowing  access. 


Q  A  client  machine  connects  to  an  Enterasys  switch  via  ©  f  accepted,  a  message  is  sent  to  a  RADIUS  ©  The  Enterasys  switch  opens 
the  802.1x  protocol,  and  can  only  access  a  third-  server.  This  server  authenticates  the  client  the  port  and  allows  the  user 

party  assessment  server.  The  assessment  server  against  a  user  name/password  database.  access  to  network  resources, 

inspects  the  machine’s  anti-virus  operating  system  If  approved,  the  RADIUS  server  tells  the 
patch-level  data  (provided  via  client-based  software.)  Enterasys  switch  to  open  the  port, 
v _ _ _ _ _ 


Moribund  Comdex  show  takes  a  vacation 


You've  been  canceled 

Comdex  reached  its  peak  in  the  late  1990s 
before  contracting  to  a  fraction  of  its 
maximum  size. 
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■  BY  ANN  BEDNARZ  AND 
JOHN  COX 

While  the  cancellation  of  this 
year’s  Comdex  show  is  supposed 
to  provide  a  one-year  hiatus  so 
the  event’s  organizers  can  re¬ 
group,  many  industry  observers 
predict  the  suspension  might 
become  permanent. 

“Phoenixes  never  rise,”  says 
Frank  Dzubeck,  president  of  Com¬ 
munications  Network  Architects 
and  a  member  of  the  Comdex 
advisory  board  for  20  years  begin¬ 
ning  in  1981.  He’s  skeptical  that 
MediaLive  International,  which 
produces  Comdex,  will  be  able  to 
regain  any  momentum  after  a 
one-year  absence. 

Comdex  could  be  dead,  agrees 
Andrew  Olson,  managing  director 
for  consulting  firm  Team  Group 
International." [New  owner]  Med- 
iaLive’s  marketing  never  under¬ 
stood  the  marketplace.  I  don’t 
think  it’s  going  to  come  back.  ” 

Last  week,  MediaLive  said  it  was 
canceling  this  year’s  Comdex 
trade  show  because  of  a  lack  of 
support  from  the  industry’s  big¬ 
gest  IT  vendors.  In  particular,  ven¬ 
dors  such  as  IBM,  Sun  and  Del! 
have  been  missing  from  the  show 
floor  in  recent  years. 

One  reason  Comdex  —  a  fixture 
in  the  IT  world  for  25  years  —  has 
lost  a  lot  of  its  luster  is  the  percep¬ 
tion  that  it  was  no  longer  pulling 
in  enterprise  IT  buyers.  Faced  with 
increasing  competition  from  the 


Consumer  Electronics  Show  held 
every  January  in  Las  Vegas,  Com¬ 
dex  tried  to  embrace  the  con¬ 
sumer  electronics  market.  Be¬ 
cause  of  that,  the  show  headed  off 
on  the  wrong  course,  says  Rob 
Enderle,  principal  analyst  for  The 
Enderle  Group.  “It  became  too 
much  of  a  toy  show!’ 

The  trade  shows  that  are  pros¬ 
pering  today  target  one  industry, 
such  as  Supercomm  with  its  tele¬ 
com  bent,  observers  say 

A  similar  IT  show  stalwart, 
ComNet  suffers  from  the  same 
lack  of  focus,  he  says.  In  fact,  IDG 
World  Expo,  a  Network  World  cor¬ 
porate  cousin,  is  evaluating  the 


status  of  the  ComNet  event  in 
Washington,  D.C.,  for  2005.  So  far 
the  show  is  not  on  the  company’s 
calendar  for  next  year.  Organizers 
are  working  to  revamp  ComNet 
into  something  more  relevant  to 
today’s  technology  buyers  and 
sellers,  says  Doug  Gold,  vice  presi¬ 
dent  of  business  development  at 
IDG  World  Expo. 

Another  trend  that  hurt  Comdex 
is  the  change  in  buying  practices, 
says  Sam  Whitmore, editor  of  “Sam 
Whitmore’s  Media  Surve/  which 
analyzes  the  technology  media 
business. 

These  days  vendors  are  tunnel¬ 
ing  money  slated  for  lead  genera¬ 


tion  to  other  outlets  besides  trade 
shows,  he  says.Vendors  use  e-mail 
campaigns,  newsletters,  down¬ 
loadable  white  papers  and  a 
plethora  of  Web-based  applica¬ 
tions  to  find  sales  prospects. 

“The  original  concept  behind  a 
trade  show  is  that  big  vendors 
would  come  in  and  have  closed- 
door  meetings  to  line  up  distribu¬ 
tion  deals  and  volume  sales,” 
Whitmore  says.  But  buying  over 
the  Internet  has  changed  all  that. 
Sites  such  as  Bitpipe.com  make 
product  literature  available  on¬ 
line,  he  says.  “Why  does  anyone 
positively  absolutely  have  to  trek 
to  Vegas  to  learn  about  product 


details?  You  don’t." 

Meanwhile,  MediaLive  says 
Comdex  will  be  back  in  Las  Vegas 
next  year,  after  a  new  advisory 
board  spends  a  year  trying  to  fig¬ 
ure  out  what’s  best  for  the  show. 

“We  need  to  build  back  trust 
with  the  vendors,  with  companies 
like  IBM,  Intel  and  Dell  that  hadn’t 
been  in  the  show  since  1997, ’’says 
Eric  Faurot,  vice  president  and 
general  manager  of  Comdex  at 
MediaLive.  (Dell  did  have  a  dis¬ 
play  at  last  year’s  event.) 

The  vendor-centric  advisory 
board  established  to  recast  Com¬ 
dex  includes  representatives  from 
Microsoft,  Oracle,  EMC  and  Ad¬ 
vanced  Micro  .Devices.  While  oth¬ 
er  enterprise  heavyweights  have 
strayed,  Microsoft  has  been  a  con¬ 
stant  at  the  show  since  Bill  Gates 
delivered  his  first  keynote  in  1983. 

Faurot  says  MediaLive  worked 
closely  with  Microsoft  throughout 
the  process  of  deciding  Comdex’s 
2004  fate.“We  agree  that  it  doesn’t 
make  sense  to  have  an  event  with¬ 
out  a  critical  mass  and  broader 
support  of  industry  leaders,” 
Faurot  says. 

He’s  optimistic  Comdex  will 
return  next  year.  “We’ve  got  some 
of  the  smartest  people  in  the 
industry  from  these  companies 
talking  about  how  to  make  this 
event  valuable.” 

IDG  News  Service  correspon¬ 
dent  Agam  Shah  contributed  to 
this  story. 
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Anti-phishing  efforts  need  teeth 


r ;  ■■  v  Yw  .  ■  ■  ■  .y  ■  v  .  .  ;  .  ••  . 

Gophish 

May  statistics  highlight  the  scope  of  phishing  attacks. 

Number  of  unique  phishing  attacks 

1,197 

Peak  number  of  unique  phishing  attacks  per  week  321 

Organization  most  targeted  by  attacks 

Citibank 

Industry  most  targeted  by  attacks 

Financial  services 

Percentage  of  attacks  that  use  e-mail  spoofing 

95% 

SOURCE  ANTI. PHISHING  WORKING  GROUP 
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■  BY  CARA  GARRETSON 

As  phishing  quickly  becomes 
the  next  big  headache  for  con¬ 
sumers  and  businesses  wanting 
to  communicate  with  them  via 
e-mail,  a  number  of  industry 
groups  have  emerged  to  combat 
the  problem.  However,  until  tech¬ 
nology  is  implemented  to  auth¬ 
enticate  e-mail  sources,  observers 
say  little  can  be  done  to  fight  this 
form  of  electronic  fraud. 

In  addition  to  the  Trusted  Elec¬ 
tronic  Communications  Forum 
(TECF),  which  IBM,  Best  Buy  and 
others  formed  two  weeks  ago, 
MasterCard  last  week  announced 
a  partnership  with  online  brand- 
protection  service  NameProtect 
to  detect  and  combat  phishing 
attacks  as  they  are  happening. 
These  initiatives  join  the  Anti- 
Phishing  Working  Group,  estab¬ 
lished  last  year  by  a  number  of 
industry  players. 


Phishing  scams,  in  which  crimi¬ 
nals  send  e-mail  under  the  guise 
of  a  well-known  company  and 
point  unsuspecting  recipients  to  a 
Web  site  where  they’re  fooled  into 
divulging  financial  information, 
are  at  an  all-time  high.  The  Anti- 
Phishing  Working  Group  says 
nearly  1,200  unique  phishing 
attacks  were  reported  in  May 
While  viewed  largely  as  a  con¬ 
sumer  issue,  companies  that  rely 


on  electronic  communications 
also  will  feel  the  effects  of  phish¬ 
ing  if  fewer  and  fewer  customers 
open  their  e-mail. 

“The  biggest  issue  to  [corpora¬ 
tions]  is  it  damages  the  credibility 
of  e-mail  communications,  so 
they  can’t  count  on  this  channel 
with  customers,” says  Avivah  Litan, 
vice  president  and  research  direc¬ 
tor  with  Gartner. “In  this  sense  it’s 
damaging  to  their  brand.” 


VeriSign  announces  security, 
anti-phishing  services 


■  BY  ELLEN  MESSMER 

VeriSign  this  week  plans  to 
announce  two  sets  of  services  to 
combat  spam  as  well  as  fraud 
caused  when  criminals  set  up 
phony  Web  sites  that  mimick 
legitimate  ones  to  gain  victims’ 
personal  data. 

The  company  on  July  12  ex¬ 
pects  to  begin  offering  an  anti¬ 
spam  and  anti-virus  filtering  ser¬ 
vice,  like  those  offered  by  com¬ 
petitors  such  as  Postini,says  Chad 
Kinzelberg,  vice  president  of 
Secure  Sockets  Layer  and  VeriSign 
Security  Services. 

Customers  of  the  VeriSign  E-Mail 
Security  Service  redirect  corpo¬ 
rate  e-mail  to  mail  servers  hosted 
in  VeriSign  data  centers,  including 
those  in  Mount  View,  Calif.,  and 
Dulles,  Va.,  to  have  their  e-mail 
scanned.  No  software  is  required. 

The  anti-spam/anti-virus  filter¬ 
ing  will  cost  from  $1  to  $3  per 
user,  per  month.  The  service  will 
be  based  on  licensed  anti-virus 
engines  from  Symantec,  Trend 
Micro  and  Sophos.and  the  Front- 
Bridge  anti-spam  engine. 

Kinzelberg  says  VeriSign  will  try 
to  duplicate  the  load-balancing 
measures  it  takes  in  maintaining 
domain-name  servers. 


In  the  flow 

110  IT  managers  were  asked 
what  percentage  of  their 
company’s  e-mail  is  spam. 

71-80% — \  10-20% 

61-70% 

51-60% 

41- 

50%~ 

31-40% 

21-30% 

SOURCE:  INS1GHTEXPRESS 
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VeriSign  also  is  branching  out  to 
provide  anti-phishing  consulting, 
monitoring  and  response  for  cor¬ 
porations  combating  the  prolifer¬ 
ation  of  fake  Web  sites  that  look 
like  real  sites.  Phishing  sites  trick 
victims  into  entering  personal  in¬ 
formation,  usually  after  they  re¬ 
ceive  an  e-mail  instructing  them 
to  go  to  the  fraudulent  Web  site. 

Under  the  service  —  based  on 
customer-specific  pricing  but 
expected  to  run  into  the  thou¬ 
sands  of  dollars  per  month  — 
VeriSign  will  closely  watch  for  reg¬ 
istration  of  Web  site  domain 


names  that  could  be  phishing 
sites.  VeriSign  immediately  will 
notify  corporate  customers  of 
scams  and  ISPs  hosting  the  fake 
Web  sites. 

“We’ll  work  with  the  customer, 
law  enforcement  and  the  ISP  to 
shut  it  down,”  Kinzelberg  says, 
adding  that  VeriSign  doesn’t  have 
the  legal  power  to  simply  yank 
use  of  the  domain  name. 

According  to  eBay  Chief  Sec¬ 
urity  Officer  Howard  Schmidt,  the 
phishing  problem  probably  can 
be  remedied  through  changes  in 
the  Web  browser  that  Microsoft 
plans  to  make  by  year-end. This  is 
expected  to  make  it  easier  for  the 
user  to  understand  site  validation 
performed  through  the  digital- 
certificate  checking  process. 

VeriSign  says  there  still  is  room 
for  its  anti-phishing  service  even 
if  this  best-case  scenario  occurs 
and  the  Microsoft  fix  that  Schmidt 
is  alluding  to  works. 

“I  hope  he’s  correct, "says  Kinzel¬ 
berg,  noting  that  VeriSign,  a  digital 
certificate  provider,  also  is  in¬ 
volved  with  Microsoft  on  this 
effort.  But  even  if  the  software 
change  works,  there  probably  are 
450  million  browsers  in  use  today, 
and  not  all  of  them  will  get  this 
upgrade,  he  says.H 


TECF — with  members  from  the 
technology  industry,  including 
CipherTrust  and  FostX,  and  com¬ 
panies  in  the  financial  and  retail 
arenas  —  was  formed  to  promote 
the  adoption  of  standards  that 
could  curtail  phishing.  Among  the 
options  are  a  number  of  sender- 
authentication  proposals  that  are 
currently  circulating,  such  as 
Microsoft’s  Caller  ID  specification 
and  a  competing  proposal  from 
Yahoo  called  Domain  Keys.  Both 
of  these  are  designed  to  authenti¬ 
cate  the  identity  of  an  e-mail 
sender  so  that  phishers  can’t 
spoof  an  e-mail  address. 

Shawn  Eldridge,  TECF’s  chair¬ 
man  and  director  of  products  and 
marketing  at  PostX,  won’t  say 
which  technology  standards  the 
group  will  promote.  Nor  will  he 
offer  a  time  frame  for  when  tech¬ 
nology  will  be  decided  on. 

That  means  implementation  of 
the  group’s  chosen  standards  is 
unlikely  to  happen  in  the  short 
term. 

“The  obvious  solution  [to  phish¬ 
ing]  is  some  kind  of  caller  ID  for 
the  Internet,  which  means  you’ve 
got  to  update  all  the  domain 
name  directories  and  browsers 
and  e-mail  clients,  and  that’s  years 
and  years  away”  Litan  says. 

Meanwhile, TECF  will  try  to  edu¬ 
cate  consumers,  lawmakers  and 
the  industry  about  phishing,  and 
it  will  build  the  ranks  of  its  mem¬ 
bership,  albeit  on  a  selective  basis 
to  maintain  the  group’s  focus. 

The  Anti-Phishing  Working 
Group  already  offers  similar  ser¬ 
vices.  The  group  hosts  a  Web  site 
(www.antiphishing.org)  to  alert 
the  public  to  phishing  scams  and 
offers  other  educational  informa¬ 
tion,  so  to  some  the  TECF  seems 
like  more  of  the  same. 

“It  seems  like  there  might 
be  some  duplication  of  goals 
and  efforts,”  Dave  Jevans,  chair¬ 
man  of  the  Anti-Phishing  Work¬ 
ing  Group,  said  when  the  TECF 
was  announced. 

To  others  who  have  been  the 
victim  of  phishing  scams,  the 
more  the  merrier. 

“Any  group  that  comes  together 
to  try  to  fight  phishing  and  spoof¬ 
ing  online  and  tries  to  improve 
the  online  experience  is  a  good 
thing,”  says  Amanda  Pires,  spokes¬ 
woman  with  eBay’s  PayPal  divi¬ 
sion,  whose  customers  have  wit¬ 
nessed  countless  phishing  at- 
tacks.“We  are  certainly  supportive 
of  efforts  on  every  part  of  the 
industry  that  tries  to  stop  this 
insidious  behavior1  ■ 


EDITORIAL  DIRECTOR:  JOHN  GALLANT 
EDITOR  IN  CHIEF:  JOHN  DIX 


■  NEWS 

EXECUTIVE  EDITOR,  NEWS:  BOB  BROWN 
ASSOCIATE  NEWS  EDITOR:  MICHAEL  COONEY 
ASSOCIATE  NEWS  EDITOR:  PAUL  MCNAMARA 

■  INFRASTRUCTURE _ 

SENIOR  EDITOR:  JOHN  FONTANA 

(303)  377-9057:  Fax:  (303)  377-9059 

SENIOR  EDITOR:  JOHN  COX 

(978)  834-0554;  Fax:  (978)  834-0558 

SENIOR  EDITOR:  DENI  CONNOR 

(512)  345-3850;  FAX:  (512)  345-3860 

SENIOR  EDITOR:  TIM  GREENE 

SENIOR  EDITOR:  PHIL  HOCHMUTH 

SENIOR  EDITOR:  JENNIFER  MEARS,(608)  8388490; 

Fax:  (608)  836-8491 

■  NET.W0RKER 


MANAGING  EDITOR:  TONI  KISTNER.  (207)  8788246 

■  SERVICE  PROVIPERS _ 

SENIOR  EDITOR:  DENISE  PAPPALARDO, 

(703)  7687573 

MANAGING  EDITOR:  JIM  DUFFY 

■  ENTERPRISE  APPLICATIONS 


SENIOR  EDITOR:  ELLEN  MESSMER, 

(941)  792-1061 

SENIOR  EDITOR:  CAROLYN  DUFFY  MARSAN, 

(703)  9 178621;  Fax:  (703)  9178622 

SENIOR  EDITOR:  ANN  BEDNARZ 

SENIOR  WRITER:  DENISE  DUBIE 

SENIOR  EDITOR:  CARA  GARRETSON.  (240)  2460098 

■  COPY  DESK/LAYOUT 

ASSISTANT  MANAGING  EDITOR:  RYAN  FRANCIS 
COPY  CHIEF:  BRETT  COUGH 
SENIOR  COPY  EDITOR:  JOHN  DOOLEY 
SENIOR  COPY  EDITOR:  GREG  CUSACK 
COPY  EDITOR:  MONICA  HAMILTON 

■  ART 


OESIGN  DIRECTOR:  ROB  STAVE 
ART  DIRECTOR:  TOM  NORTON 
SENIOR  DESIGNER:  BRIAN  GAIDRY 
SENIOR  DESIGNER:  STEPHEN  SAUER 

■  FEATURES 


FEATURES  EDITOR:  NEAL  WEINBERG 

SENIOR  MANAGING  EDITOR,  FEATURES:  AMY  SCHURR 

OPINIONS  PAGE  EDITOR:  SUSAN  COLLINS 

■  CLEAR  CHOICE  TESTS 

LAB  ALLIANCE  DIRECTOR:  CHRISTINE  BURNS, 

(717)  243-3686 

SENIOR  EDITOR,  PROOUCT  TESTING:  KEITH  SHAW 

(508)  490-6527 

LAB  ALLIANCE  PARTNERS:  JOEL  SNYDER.  Opus  One; 
JOHN  BASS.Cenlennial  Networking  Labs;  BARRY 
NANCE,  independent  consultant:  THOMAS 
POWELL,  PINT;  Miercom;  THOMAS  HENDERSON. 
ExtremeLabs;  TRAVIS  BERKLEY.  University  of 
Kansas;  DAVID  NEWMAN,  Network  Test; 
CHRISTINE  PEREY,  ftrrey  Research  &  Consulting; 
JEFFREY  FRITZ,  University  of  California, San 
Francisco;  JAMES  GASKIN.  Gaskin  Computing 
Services.  MANDY  ANDRESS. ArcSec;  GREG  GOD¬ 
DARD,  EDS:  RODNEY  THAYER,  Canola  &  Jones 
CONTRIBUTING  EDITORS:  DANIEL  BR1ERE.  MARK  GIBBS, 
JAMES  KOBIELUS,  MARK  MILLER 

■  NETWORK  WORLD  FUSION 


EXECUTIVE  EDITOR,  ONLINE:  ADAM  GAFFIN 
MANAGING  EDITOR:  MELISSA  SI  IAW 
EVENTS  EDITOR:  SANDRA  GITTLEN 
MANAGING  EDITOR,  ONLINE  NEWS:  JEFF  CARUSO. 
(631)  584-5829 

ASSOCIATE  ONLINE  NEWS  EDITOR:  LINDA  LEUNG. 
(510)  7682808 

MULTIMEDIA  EDITOR:  JASON  MESERVE 
SENIOR  ONLINE  COPY  CHIEF:  SHERYL  HODGE 
SENIOR  ONLINE  GRAPHIC  DESIGNER:  ZACH  SULUVAN 

■  SIGNATURE  SERIES 

EDITOR:  BETH  SCHULTZ, 

(773)  283-0213;  Fax:  (773)  283-0214 
EXECUTIVE  EDITOR:  JUUE  BORT,  (970)  482-6454 
COPY  EDITOR:  BRETT  COUGH 

EDITORIAL  OPERATIONS  MANAGER:  CHERYL  CRIVELLO 
OFFICE  MANAGER,  EDITORIAL:  GLENNA  FASOLD 
EDITORIAL  OFFICE  ADMINISTRATOR:  PAT  JOSEFEK 
MAIN  PHONE:  (508)  460-3333 
E-MAIL  first  namejast  name@nww.com 


s 

-C 

M- 

o 

? 

S 

Cl 

O 

o. 

0) 

JC 

OJ 

ra 


►  Get  a  FREE 


copy  of  The 
Backup  Book * 


and  download  our 
enterprise  white  paper! 
Enter  code  ADV1 1 7  at 
www.theanswerisX.com 


HOW  MUCH  DO  YOU 
TRUST  YOUR  BACKUP  SOLUTION? 

INTRODUCING  THE  PX720.  ► 

T 

THE  ANSWER  IS  X. 


Data  protection  you  can  trust.  In  a  world  of  uncertainty,  one  thing 
you  shouldn't  have  to  worry  about  is  protecting  your  data.  Now,  Quantum 
gives  you  one  less  thing  to  worry  about  -  The  Answer  is  X.  The  new  PX720 
sets  the  standard  in  tape  library  reliability,  flexibility,  growth  and  value.  Unlike 
the  competition,  the  PX720  raises  the  bar  by  including  redundant  power  and 
cooling,  library  management  and  installation,  and  also  delivers  the  highest 
density  per  square  foot  -  all  at  no  additional  cost.  For  the  complete  answer, 
call  866-827-1500,  or  visit  us  at  www.theanswerisX.com. 
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speed  access  service  by  year-end 
as  an  upgrade  or  enhancement  to 
its  very  high-speed  DSL  (VDSL) 
service,  Nair  said.  ADSL2+  is  said 
to  support  speeds  of  25M  bit/sec 
on  5,000-foot  spans,  while  VDSL 
supports  50M  bit/sec  at  up  to 
1,000  feet. 

Qwest  has  50,000  VDSL  sub¬ 
scribers  that  receive  voice,  video 
and  data  “triple  play” services  over 
those  lines. 

On  the  VoIP  front,  Qwest  last 
week  announced  a  net-based 
business  VoIP  service  called  One 
Flex.  OneFlex  is  the  VoIP  offering 
to  Qwest’s  iQ  Networking  VPN  ser¬ 
vice  for  corporations,  which  uses 
the  carrier’s  nationwide  Multi-pro¬ 
tocol  Label  Switching  network. 

The  Qwest  network  carries  1  bil¬ 
lion  voice  minutes  per  month  and 
is  designed  for  maximum  laten¬ 
cies  of  100  millisec. 

VPNs  also  are  high  on  Bell- 
South’s  list  of  priorities.The  RBOC 
is  working  on  a  Layer  2  “multi-pro¬ 
tocol”  VPN  service  that  provides 
“intelligent”  transport  of  IP  and 
non-IP  protocols  —  such  as  SNA 
and  IPX  —  for  intranets, said  Mark 
Kaish,  BellSouth  vice  president  of 
next-generation  services. 

Also  on  BellSouth’s  docket  is 


tion,”  says  Mike  Hawkins,  associate  director  of  networking  at  the 
University  of  North  Carolina,  Chapel  Hill. 

Alcatel  OmniStack,  Cisco  Catalyst  and  Enterasys  Matrix  switches  are 
deployed  in  real-world  environments  through  the  flagship  UNC  cam¬ 
pus,  which  supports  50,000  users,  and  has  75,000  Ethernet  LAN  ports 
and  400  wireless  LAN  access  points,  Hawkins  says. 

“We  have  a  particularly  nasty  network,  he  says, “in  the  sense  that  we 
have  users  coming  online  with  a  lot  of  bad  stuff.”  This  includes 
unpatched  Windows  machines  and  virus-infected  PCs. “Not  one  solu¬ 
tion  will  hit  all  the  things  we  need  to  hit.” 

UNC  is  looking  to  augment  its  current  IDS, anti-virus  and  security  appli¬ 
ance  infrastructure  with  an  intelligent  LAN  edge  switch  that  can  provide 
port-level  security  to  connected  users.  Hawkins  says  that  so  far,  Enterasys 
is  ahead  of  the  game. 

Enterasys’  TES  technology  uses  client  software  from  Sygate  or  Zone 
Labs  to  audit  every  corporate  PC  or  laptop  attaching  to  the  company. 
When  logging  on,  an  assessment  server  from  either  of  the  two  ven¬ 
dors  provides  a  first  line  of  defense,  even  before  clients  obtain  Layer 
2  network  access  or  an  IP  address  from  a  Dynamic  Host 
Configuration  Protocol  server. 

This  approach  is  similar  to  what  Alcatel,  Cisco  and  Nortel  have 
announced  as  future  plans.  Regarding  Cisco’s  NAC  push, “this  is  not  a 
me-too  announcement  from  Enterasys,”  says  Abner  Germanow,  a 
research  director  at  1DC. 

Cisco  and  Alcatel  have  outlined  plans  to  secure  networks  by  quar¬ 
antining  potentially  dangerous  users  with  VLAN  technology  on  their 
respective  LAN  switches.  Enterasys  ties  network  enforcement  to  its 
Policy  Manager  product,  which  can  provide  a  finer  level  of  network 
access  authentication  and  privileges,  according  to  the  company. 

Instead  of  denying  all  access  to  dangerous  users  or  shunting  them 
into  a  quarantine  VLAN  bucket  with  limited  network  access, TES  can 
assign  a  pre-defined  network  identity  to  potentially  unsafe  clients, 
according  to  John  Roese,  CTO  at  Enterasys.  He  says  this  method  is 
easier  to  deploy  and  manage  because  it  does  not  require  setting  up 
special  VLANs  on  a  network.  Also,  assigning  user-based  policies 
allows  for  a  tighter  level  of  control  than  the  admit/deny/quarantine 
approach  competitive  switch  makers  are  adopting,  he  says.  ■ 


Spending  buoys  telecom  show 


BY  TIM  GREENE 


SUPE 


CHICAGO  —  SuperComm  2004 
last  week  was  all  about  new  ser¬ 
vices  —  how  to  create  them,  provision  them  and 
deliver  them  to  customers. 

At  this  year’s  edition  in  Chicago,  attendance  had 
grown  —  the  unofficial  tally  neared  30,000,  up  about 
one-fifth  —  over  last  year,  and  people  seemed  to  be 
going  about  business  with  a  clear  focus.  “It’s  not  a 
show  anymore,”  said  one  vendor.“It’s  all  work.There’s 
no  magicians,  no  jugglers.” 

The  most  stunning  announcement  this  year,  a  $6 
billion  commitment  by  SBC  to  build  fiber  networks 
into  residential  neighborhoods,  snapped  heads 
around  for  its  sheer  size  and  boldness.The  company 
seized  on  a  court  ruling  that  protects  carriers  that 
own  networks  from  having  to  lease  new  network 
technology  to  competitors  at  cut  rates.  That  ruling, 
says  SBC  Chairman  Ed  Whitacre,  paves  the  way  for 
new  services. “Everybody  recognizes  the  rules  have 
held  back  what  we  need  to  do,” he  said. 

FCC  Chairman  Michael  Powell,  a  keynote  speaker, 
vowed  to  help  by  curbing  further  regulations  that 
chew  up  carriers’  time  and  expense. “They  can  redi¬ 
rect  that  money  to  switches  and  fiberj’he  said, noting 
that  hands-off  is  the  best  way  to  promote  innovation, 
particularly  in  broadband  wireless  services.  (See 
related  story,  page  23). 

Also, Sprint  announced  a  $1  billion  promise  to  over¬ 
haul  its  wireless  network  so  it  supports  a  five-fold  in¬ 


crease  in  data  speeds.  Sprint  says 
embracing  Evolution  Data  Opti¬ 
mized  technology  will  result  in 
new  high-speed  services  in  2006. 

Again  and  again, VoIP  service  technology  got  a  lift. 
Verizon  announced  it  is  installing  softswitches  for 
the  first  time  to  carrv  local,  not  just  long-distance,  IP 
voice  traffic.  While  limited  to  California  and 
Washington  state,  the  deployment  could  herald  a 
new  wave  of  voice-data  services. 

VoIP  sells,  said  Don  Logan,  chairman  of  Time 
Warner’s  Media  &  Communications  Group,  during 
his  SuperComm  keynote  address. ATime  Warner  trial 
of  the  technology  in  Portland,  Maine,  has  snatched 
one  in  10  subscribers  from  traditional  voice 
providers  with  most  of  them  buying  VoIP  bundled 
with  TV  programming  and  Internet  access,  he  said. 

VoIP  played  a  major  role  in  a  demonstration  that 
DSL  can  compete  against  cable  for  services  such  as 
voice,  video,  gaming,  home  entertainment  and 
Internet  access.  The  DSL  Forum’s  demo  highlighted 
easily  configured  home  networks  that  support  these. 

Sylantro  Systems  demonstrated  how  VoIP  can 
anchor  mixed-media  services  by  blending  separate 
voice  and  text  capabilities.  For  the  show,  the  software 
maker  created  a  service  that  lets  Yahoo  customers 
checking  on  their  instant-messaging  activity  click  on 
a  buddy’s  name  to  call  them  on  the  phone.  A  service 
provider  with  the  right  infrastructure  could  use  the 
software  to  sell  Yahoo  IM  customers  an  add-on  ser¬ 
vice,  Sylantro  says.  ■ 


fc  fit  We  are  now  as  likely  to  talk  about  Wi-Fi 
and  VoIP  as  we  are  about  ATM  and  frame 
[relay],  11 


Barry  Allen 

Executive  vice  president,  Qwest 


broader  wireline/wireless  integra¬ 
tion,  specifically  wireless  access 
to  the  carrier’s  network  VPN  ser¬ 
vice;  VoIP  over  Wi-Fi  and  cellular; 
and  the  ability  for  business  users 
to  access  all  of  their  desktop  func¬ 
tions  from  a  handheld  device. 

Like  Qwest,  BellSouth  also  views 
access  as  a  hot-ticket  item.  The 
carrier  will  begin  ADSL2+  equip¬ 
ment  deployments  in  the  second 
half  of  the  year,  and  is  working  on 
a  “mid-band”  access  service  to 
support  speeds  between  T-l  and 
10M  bit/sec  Ethernet  over  copper, 
Kaish  said. 

Ethernet  also  is  on  SBC’s  front 
burner.The  carrier  is  working  on  a 
10G  bit/sec  point-to-point  metro¬ 
politan  Ethernet  service  called 
DecaMAN  that  it  hopes  to  make 
commercially  available  at  the  end 
of  this  year  or  early  next,  says  CTO 
Chris  Rice.DecaMAN  is  in  use  by 
three  unidentified  SBC  customers 
and  is  intended  for  storage  and 
data  center  connectivity  applica¬ 


tions,  Rice  said. 

SBC  is  investing  heavily  in  a 
fiber  buildout,  specifically  $6  bil¬ 
lion  over  three  or  four  years  on 
Fiber  to  the  Neighborhood,  also 
known  as  Fiber  to  the  Node 
(FTTN).  Fiber  will  come  to  within 
5,000  feet  of  customer  premises, 
and  then  access  to  that  fiber  will 
be  provided  over  VDSL  and 
ADSL2+  connections  at  15M  to 
25M  bit/sec. 

“As  I  roll  out  FTTN,  the  customer 
is  still  served  by  DSL,”  Rice  said. 

ADSL2+  connections  could 
achieve  50M  bit/sec  with  a  bond¬ 
ed  copper  pair,  he  says. 

On  VoIRSBC  plans  to  roll  out  its 
network-based  PremierSERV 
Hosted  IP  Communication  Ser¬ 
vice  to  20  additional  cities  by 
year-end.  It’s  available  in  50  now. 

VoIP  is  also  on  Verizon’s  radar. 
The  RBOC  is  on  schedule  to 
unveil  a  network-based  QoS  ser¬ 
vice  for  enterprise  customers  in 
the  fourth  quarter,  but  last  week 


also  disclosed  plans  to  roll  out  a 
Centrex  IP  service  in  early  2005. 

Verizon’s  investment  in  value- 
added  services  such  as  VoIP  will 
“grow  considerably  over  the  next 
couple  of  years,”  said  CTO  Mark 
Wegleitner. 

Investment  in  access  technolo¬ 
gies  has  been  “very  heavy”  over 
the  past  few  years,  Wegleitner 
says.  Like  SBC, Verizon  is  investing 
$1  billion  annually  to  take  fiber 
directly  to  the  customer  premises 
—  3  million  premises  by  the  end 
of  2005. 

Fiber  to  the  Premises  (FTTP) 
provides  greater  “headroom”  for 
Verizon  in  terms  of  adding  new 
services  and  reducing  opera¬ 
tional  costs,  Wegleitner  says. 

“We  can  provide  the  most  com¬ 
petitive  [alternative]  to  cable  TV 
triple  pla^’  he  said,  comparing 


FLI  P  fiber  drops  with  the  VDSL 
and  ADSL2+  copper  drops  SBC 
plans.“And  a  major  component  is 
to  reduce  costs.  A  manual  provi¬ 
sioning  process  becomes  a  back- 
office  operation.” 

Verizon  is  evaluating  ADSL2+  as 
a  “natural  extension”  to  its  DSL 
service.  ■ 
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access  on  Cisco  routers.  Cisco  also  said  it  would  support  switch-based 
port  blocking  via  NAC  in  2005.  Alcatel  also  has  a  switch  technology  in 
the  works  for  quarantining  worm-infected  machines  into  a  secure  vir¬ 
tual  LAN  (VLAN).  Nortel’s  BayStack  switches  also  can  utilize  IDS  and 
anti-virus  technology  from  third-party  vendors  to  block  unsafe  clients. 

This  trend  in  network  switch  technology  is  based  on  increasing  user 
demand  for  tools  to  lock  down  LANs. 

“We  need  a  way  to  push  security  policies  out  to  [LAN]  edge  switch¬ 
es  and  do  it  in  a  way  that  doesn’t  require  as  much  manager  interven- 
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A  tester  at  an  NTS  lab  prepares  a  fire  spread  test  to  assure  that  this 
central  office  system  will  not  contribute  to  widespread  fire  damage. 


NEBS 

continued  from  page  1 

The  flames  and  smoke  got  ’em.” 

The  NTS  fire  test  chamber, 
where  a  charred  metallic  and 
gassy  odor  lingers,  is  one  in  a  bat¬ 
tery  of  stations  used  to  deter¬ 
mine  whether  telecom  gear  is 
safe  and  sturdy  enough  to  be 
used  in  the  central  offices  of 
RBOCs  and  other  big  U.S.  carri¬ 
ers,  and,  in  some  cases,  military 
networks.The  flute-like  instru¬ 
ment  in  the  chamber  is  actually 
a  methane  gas  torch  that  gets 
stuffed  into  the  guts  of  telecom 
boxes  to  find  out  if  they  can  con¬ 
tain  a  blaze.The  yellow  camera 
takes  thermal  images,  especially 


useful  when  cabinet  doors  and 
black  smoke  make  viewing  the 
burning  innards  otherwise 
impossible. 

Welcome  to  the  largely  behind- 
the-scenes  world  of  NEBS  testing. 
While  the  acronym  NEBS, short 
for  Network  Equipment  Building 
System,  is  familiar  to  many  in  the 
industry,  far  fewer  know  what  it 
takes  for  a  switch, server  or  other 
box  to  gain  NEBS  compliance. 
Carriers  require  equipment  mak¬ 
ers  that  hope  to  win  their  busi¬ 
ness  to  first  run  their  devices 
through  a  gauntlet  of  about  30 
NEBS  tests  —  not  government 
mandates  —  defined  in  docu¬ 
ments  GR-63  for  environmental 
requirements  and  GR-1089  for 


electrical  requirements. 

The  NEBS  concept  got  its  start 
in  the  1970s  at  Bell  Labs,  and  the 
documents  now  are  maintained 
by  Telcordia,  which  also  con¬ 
ducts  NEBS  testing.  While  the 
NEBS  criteria  is  designed  for  car¬ 
rier  equipment  makers,  testers 
say  some  enterprise  network 
equipment  gets  NEBS  certified  in 
cases  where  vendors  sell  gear  to 
carrier  and  corporate  markets. 

At  NTS,  telecom  gear  needs  to 
survive  the  flame  test  and  an 
earthquake  simulator  that  tops  7 
on  the  Richter  scale,  plus  make  it 
through  chambers  that  deter¬ 
mine  whether  equipment  can 
handle  extreme  hot  and  cold 
temperatures  as  well  as  lightning 
strikes  and  high  altitudes.  Some¬ 
times  testers,  armed  with  shot¬ 
guns,  even  take  boxes  out  back 
and  try  to  shoot  through  their 
cabinets  with  No.  6  steel  shot 
from  50  feet  away 

Vendors  pay  tens  of  thousands 
to  hundreds  of  thousands  of  dol¬ 
lars  per  year  to  have  their  prod¬ 
ucts  tested. 

Jim  Press,  a  colleague  of 
Forbes’  who  runs  the  electromag¬ 
netic  compatibility  lab  at  NTS, 
says  he  remembers  hotshot 
entrepreneurs  a  couple  of  years 
back  coming  in  to  test  all  sorts  of 
new  devices  that  could  push 
information  down  pipes  faster. 

“They’d  tell  me, ‘We’re  going  to 
ship  this  month ’’’he  says.Td  tell 
them, ‘You’ve  got  months  of  test¬ 
ing  and  design  work  ahead  of 
you,’  and  they’d  be  shocked.” 

The  overall  NEBS  testing 
process  usually  takes  at  least  a 
couple  of  months  and  is 
extremely  challenging,  as  manu¬ 
facturers  seek  to  strike  a  deli¬ 
cate  balance  between  sealing  in 
emissions,  blocking  out  contam¬ 
inants  and  allowing  enough  air¬ 
flow  to  keep  systems  cool  in 
rooms  that  typically  don’t  have 
sprinkler  systems. 

“Fire  testing  is  pretty  nerve- 
wracking,”  acknowledges  Paul 
Elias,  CTO  with  Covaro  Networks, 
a  start-up  that  recently  got  its  CC- 
16000  Ethernet  services  box 
NEBS  3  certified,  the  most  strin¬ 
gent  level  defined. 

While  the  flame  and  earth¬ 
quake  tests  are  crowd  pleasers, 
the  more  subtle  electromagnetic 
interference  and  discharge  tests 
are  among  the  toughest  to  pass, 
says  Elias,  who  has  spent  his 
career  at  small  and  large  tele¬ 
com  companies.“ln  20  years  of 
doing  this  I’ve  never  seen  a  first- 
pass  success,”  he  says. 

Regardless  of  how  well  an  engi¬ 
neering  team  has  built  its  prod¬ 
uct,  Elias  says  NEBS  testing 


remains  a  high-anxiety  event 
given  that  any  setback  could  cost 
a  start-up  two  or  three  months  in 
its  design  cycle  and  chew  up  10% 
of  a  round  of  venture  funding. 

Outfits  such  as  NTS  aren’t  out 
to  ruin  anyone’s  day  even  though 
they  run  torture  chambers  for 
equipment.  In  fact,  testing  com¬ 
panies  work  with  clients  to  sug¬ 
gest  how  products  can  be  re¬ 
designed  or  tweaked  to  pass  the 
tests.  One  box  that  underwent 
testing  at  NTS  several  weeks  ago 
was  patched  with  aluminum  foil 
and  masking  tape  to  show  the 
equipment  maker  where  the  box 
needed  to  be  tightened  up. 

Labs  use  videotapes  of  boxes 
going  up  in  smoke  or  dancing 
wildly  on  the  earthquake  simula¬ 
tor  for  educational  purposes  and 
to  wow  lab  visitors. 

“What  we  say  here  is:  ‘Where 
else  can  you  purposely  break 
hundreds  [or  thousands]  of  dol¬ 
lars  worth  of  equipment  and  get 
paid  for  it?”’  Forbes  says. 

“What  usually  happens  is  they 
do  things  themselves  the  first 
time  around,  then  come  back 
and  get  us  involved  from  the  start 
the  next  time,”  says  Press,  who  has 
spent  six  years  at  NTS  and  is  a  19- 
year  veteran  of  the  electromag¬ 
netic  compatibility  field.“If  you 
want  to  get  into  the  NEBS  world, 
there’s  a  lot  of  homework  to  do.” 

While  NEBS  testing  might 
seem  like  overkill,  those 
involved  in  it  insist  otherwise. 
Verizon  spends  more  than  $1 
million  per  year  to  evaluate 
between  2,000  and  3,000  prod¬ 
ucts  for  use  in  its  9,800  central 
offices  and  other  facilities,  says 
Chuck  Graff,  director  of  NEBS 
compliance  and  quality  assur¬ 
ance  at  the  carrier. 

The  company  reviews  NEBS 
reports  provided  by  vendors 
and  has  discovered  320  errors 
in  test  reports  over  the  past 
three  years,  which  if  unfound 
could  have  resulted  in  network 


outages,  he  says. Verizon 
requires  that  its  vendors  meet  a 
level  of  five-nines  reliability  in 
order  for  the  carrier  to  adhere 
to  state  public  utility  commis¬ 
sion  service  levels. 

Many  consider  Verizon  to  be 
the  toughest  carrier  to  satisfy  — 
service  providers  that  request 
NEBS  certification  often  have 
special  requirements  beyond  the 
base  standards,  though  they  are 
trying  to  lessen  such  differences 
to  make  life  easier  for  equipment 
makers.  And  the  events  of  Sept. 

1 1 , 2001 ,  only  strengthened  the 
carrier’s  adherence  to  the  stan¬ 
dards.  As  was  well  documented 
in  the  wake  of  the  terrorist  at¬ 
tacks, Verizon’s  140  West  St. 
switching  office  next  to  the  World 
Trade  Center  remained  in  opera¬ 
tion  —  thanks  in  part  to  diesel 
generators  that  took  over  when 
the  DC  power  was  lost  —  despite 
the  network  equipment  there 
being  covered  with  bricks,  mor¬ 
tar  and  in  some  cases  more  than 
an  inch  of  dust. 

Graff  says  that  every  time  it 
looks  as  though  equipment  ven¬ 
dors  have  gotten  NEBS  require¬ 
ments  down,  change  happens. 
For  instance,  with  Verizon  com¬ 
mitting  to  a  huge  fiber-to-the- 
premises  rollout,  the  carrier  is 
increasingly  dealing  with  video 
equipment  makers,  most  of 
which  aren’t  up  to  speed  on 
NEBS. 

While  NEBS  testing  will  contin¬ 
ue  to  challenge  vendors,  they 
might  take  comfort  in  the  fact 
that  Telcordia  is  mainly  just  fine- 
tuning  the  NEBS  requirements, 
not  planning  any  major  new 
ones,  says  Rich  Kluge,  the  com¬ 
pany’s  director  of  NEBS  technical 
services. 

“There’s  no  volcano  test  on  the 
wa/  he  says.  ■ 
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Brightmail  upgrades 
anti-spam  software 

■  BY  CARA  GARRETSON 

As  anti-spam  software  maker  Brightmail  officially  becomes  part  of 
Symantec,  the  company  is  releasing  an  upgrade  to  the  enterprise  ver¬ 
sion  of  Brightmail  Antispam. 

Version  6.0  has  an  enhanced  reputation  service  and  non-English  fil¬ 
tering  capabilities,  and  blocks  a  new  spam  technique  called  signature 
attachments,  says  Carlin  Wiegner,  director  of  product  management. 

Inversion  6.0,  the  company  has  added  features  governing  suspect  IP 
addresses  and  safe  IP  addresses  to  the  Brightmail  Reputation  Service, 
which  monitors  hundreds  of  thousands  of  email  sources  to  determine 
how  much  mail  sent  from  these  addresses  is  spam. Suspect  IP  address¬ 
es  are  those  that  send  a  lot  of  email,  but  aren’t  necessarily  considered 
spam  sources.  E-mail  received  from  suspect  IP  addresses  are  flagged  as 
such  and  sent  through  the  software’s  filters.“It’s  not  black  or  white,  we 
use  [the  suspect  IP  list]  as  one  piece  of  evidence,”  Wiegner  says.  E-mail 
from  sources  on  the  safe  IP  list  will  skip  Brightmail’s  filters  and  go 
directly  to  users’  in-boxes,  unless  the  administrator  specifies  otherwise. 

Although  far  from  perfect,  reputation  lists  are  becoming  a  useful  tool 
in  the  fight  against  spam,  says  Jonathan  Penn,  an  analyst  at  Forrester 
Research.“As  you  get  sender  ID  information  . .  .you’re  able  to  develop  a 
history  of  their  identity’  he  says.  However,  problems  arise  when  spam¬ 
mers  begin  to  hijack  legitimate  e-mail  addresses. 

Version  6.0  scans  messages  written  in  a  more  than  a  dozen  lan¬ 
guages, searching  the  content  for  telltale  spam  keywords. 

The  upgrade  can  detect  attach¬ 
ment  signatures,  which  are  images 
embedded  into  an  e-mail  that  point 
the  reader  to  a  URL.  Instead  of 
embedding  the  URL  into  the  e-mail, 
which  Brightmail’s  filters  already 
can  catch,  spammers  have  begun 
putting  text  into  an  image  with 
instructions  for  going  to  a  Web  site. 

Brightmail  Antispam  6.0  will  be 
available  June  30.  It  costs  about 
$1,500  per  year  for  49  users;  addi¬ 
tional  users  cost  $14  per  user, 
per  year. 

Symantec’s  $370  million  acquisi¬ 
tion  of  Brightmail  was  completed 
officially  last  week.  The  company 
competes  with  enterprise  anti-spam 
software  makers  including  Cloud- 
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Listen  to  highlights  from  Mark  Gibbs' 
keynote  presentation  on  strategies 
for  creating  a  messaging  environment 
that  ensures  network  integrity  and 
user  productivity,  and  returns  power 
and  control  to  enterprise  network 
managers. 


Middleware  is  Everywhere 
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Key 

MIDDLEWARE  IS  IBM  SOFTWARE.  A  powerful,  collaborative 
environment  like  IBM  Workplace  that  provides  access  to 
people,  processes  and  information  on  one  open,  dynamic 
platform.  It’s  how  you  access  everything  from  content  to 
applications  to  global  partners  for  faster,  more  informed 
decision  making.  It’s  how  productivity  increases.  And  it's  big 
news  for  your  business. That’s  ON  DEMAND  BUSINESS. 

1.  Sees  stock  devaluation  immediately. 

|  2.  Updates  clients’  apps  automatically. 

]  3.  Accesses  updated  trading  app  instantly. 

4.  Reviews  pundit  predictions  easily. 

5.  Buys  stock  in  a  snap. 

j  See  middleware  at  work.  See  how  it  helps  businesses  succeed.  See  it  at  ibm.com/middleware/workplace  ! 
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Microsoft  readies  cluster  software 


N  BY  JENNIFER  MEARS 

Microsoft  is  readying  a  version 
of  its  Windows  Server  operating 
system  that  will  let  users  link 
dozens  of  standards-based  sys¬ 
tems  to  get  the  processing  power 
available  today  in  big  symmetric 
multiprocessing  boxes. 

Last  week,  Microsoft  confirmed 
that  it  is  developing  Windows 
Server  2003,  HPC  Edition,  geared 
for  customers  in  industries  such  as 
engineering,  life  sciences  and 
finance,  where  scalable,  parallel 
computing  is  becoming  more 
mainstream.  The  software,  ex¬ 
pected  to  ship  in  the  second  half 
of  next  year,  is  a  departure  from  Mi¬ 


crosoft’s  current  approach  to  clus¬ 
tering,  which  is  limited  to  shifting 
entire  workloads  between  sys¬ 
tems,  says  Dennis  Oldroyd,  direc¬ 
tor  of  Windows  Server  at  Microsoft. 

“The  clustering  services  that  are 
included  in  Windows  Server 
Enterprise  and  Data  Center  edi¬ 
tions  do  things  like  failover  man¬ 
agement  and  load  balancing,”  he 
says.“In  a  high-performance  com¬ 
puting,  parallel  environment  you 
split  the  problem  out  and  divide  it 
over  nodes  that  are  on  the  cluster, 
using  technology  called  [Mes¬ 
sage  Passing  Interface]  to  send 
messages  between  the  nodes.” 

That  means  all  the  nodes  in  the 
cluster  can  act  as  a  single  pool  of 


resources  to  provide  high-perfor¬ 
mance  processing  power,  he  says. 
The  market  is  growing  rapidly 
and  today  Linux  is  the  dominant 
operating  system  for  most  high- 
performance  computing  (HPC) 
clusters,  analysts  say 

Product  revenue  in  the  HPC  clus¬ 
tering  market  was  $2.4  billion  in 
2003  and  is  expected  to  jump  to 
$5.1  billion  by  2008,  according  to 
IDC/Tts  a  real  market,  and  by  and 
large  it  has  been  driven  by  Linux,” 
says  Chris  Willard,  research  vice 
president  of  HPC  systems  at  IDC. 

As  HPC  clusters  become  more 
mainstream  and  make  their  way 
into  commercial  enterprise  data 
centers,  it’s  not  surprising  to  see 


Microsoft  start  planning  a  pack¬ 
aged  offering,  Willard  says.  Today, 
customers  can  deploy  HPC  clus¬ 
ters  on  Windows  but  must  use 
third-party  tools  and  configure 
the  clusters  themselves.  With  Win 
2003,  HPC  Edition,  Microsoft  aims 
to  simplify  the  process  of  deploy¬ 
ing  Windows-based  clusters. 

“This  market  is  starting  to  transi¬ 
tion  out  of  that  historical  acade¬ 
mic  and  research  focus  into  the 
commercial  enterprise,”  Oldroyd 
says.  “What  we’ve  seen  from  our 
customers  is  that  they’re  starting 
to  look  at  this  technology  and 
they’d  like  to  have  it  available  on 
Windows.” 

Last  month,  Linux  clustering 


software  specialist  PblyServe 
rolled  out  a  product  for  deploy¬ 
ing  clusters  running  Windows 
2000  and  Win  2003  using  a  clus¬ 
tered  file  system  to  let  all  servers 
tied  to  a  storage-area  network 
share  data.  Oldroyd  wouldn’t  say 
whether  Win  2003,  HPC  Edition, 
would  include  a  clustered  filed 
system. 

Advanced  Micro  Devices,  Dell, 
HP  IBM,  Intel  and  Verari  Systems 
have  said  they  will  support  Win 
2003,  HPC  Edition.  Cornell  Theory 
Center  (CTC),  which  has  run  a 
Windows-based  HPC  cluster  for 
years, also  is  supporting  the  effort. 

Pricing  for  Win  2003,  HPC  Edi¬ 
tion,  has  not  been  released.  ■ 


-Who  Wants  to  be  an  „ 

Entrepreneur: 


P 


The  final  five 

Joe  Pereira  emerged  from  a  group  of  five  finalists  and  60-plus  entrants  overall 
to  win  our  “Who  Wants  to  be  an  Entrepreneur?”  contest. 


Entrant 

Winner 

Joe  Pereira,  architect 

Andy  Warner,  MBA 

student,  Georgia 
Institute  ofTechnology 

Mike  Dean,  program 
manager  for  technology, 
PlumstedTownship 
Board  of  Education  in 
New  Jersey 

Robert  Bagnall,  CEO, 
Muse  Innovations 

Gregg  Branham, 

CEO,  Altus  Network 
Solutions 

Concept 

Content  and  database 
processor  to  be  used  in 
enterprise  network 
gear. 

AbuseButler,  an 
application  service 
provider  built  to  cut  off 
spam  closer  to  its 
origin. 

A  service  that  could  let 
businesses  work 
together  to  identify 
each  other's  employees 
using  biometrics. 

WebRhino,  a  security 
portal  service  for  home 
users  and  small  and 
midsize  businesses. 

PassfiltPro,  software 
designed  to  make 
password-based 
security  more  effective. 

Contest 

continued  from  page  1 

Joe  Pereira,  a  former  design 
manager  for  pre-IPO  semicon¬ 
ductor  company  NetLogic  Micro¬ 
systems,  beat  out  60  entrants  with 
his  concept  for  a  content  and 
database  engine  designed  to  take 
up  two  to  10  times  less  space  and 
handle  more  chores  than  current 
specialty  processors.  His  prize: 
$30,000  split  between  cash  and 
services  paid-in-kind,  such  as 
legal  advice,  plus  exposure  to  a 
panel  of  judges  including  three 
venture  capitalists. 

“This  is  great  news,”  he  said, 
when  notified.“I  hope  this  can  be 
the  start  of  a  great  company” 

The  contest  launched  April  19 
and  gave  would-be  entrepre¬ 
neurs  about  a  month  to  submit 
entries.  It  elicited  a  range  of 
ideas  from  those  running  corpo¬ 
rate  networks,  working  for  con¬ 
sulting  firms  and  toiling  within 
the  vendor  community  Among 
the  finalists  were  pitches  for  a 
biometric  ID  system,  automated 
password  management,  a  service 
to  help  small-office  and  home- 
office  users  secure  their  net¬ 
works  and  computers,  plus  a  sys¬ 
tem  for  cutting  down  on  spam 
by  spotting  and  stopping  it  closer 
to  the  point  of  origin. 


Several  entrants  proposed  ways 
to  clean  up  log  files  from  Cisco 
routers  and  other  devices.  One 
entrant  even  proposed  a  new 
type  of  energy  that  had  judges 
joking  about  cold  fusion. 

As  for  Pereira,  he  says  he  had 
never  entered  a  business  compe¬ 
tition  before  but  decided  to  use 
the  process  as  a  way  to  help  vali¬ 
date  his  idea. 

The  36-year-old  technologist, 
who  enjoys  soccer  and  reading 
philosophy,  says  he  has  been 
awarded  17  patents  over  the 
years  and  has  20  patent  applica¬ 
tions  pending.  His  content  and 
database  engine  idea  stemmed 
from  efforts  to  accelerate  pro¬ 


cessing  of  various  multi-dimen¬ 
sional  databases,  including  those 
used  in  bioinformatics  and 
security. 

Pereira,  who  moved  from  India 
to  the  US.  in  1999  and  now  lives 
in  California, says  the  technology 
he  has  under  development 
would  be  sold  as  a  subsystem, 
card  or  chip.  The  processor  he 
has  in  mind  “stores  databases 
including  routing  tables  and 
security  rules  (spam,  intrusion- 
detection  system,  virus),  and 
applies  them  at  high  wire  rates,” 
he  wrote  in  his  application. 
Pereira  describes  his  vision  as 
“improving  performance  and 
reducing  cost  for  router,  security 


cache  and  database  systems.” 

He  says  that  his  content  and 
database  engine,  by  supporting  a 
range  of  processing  duties, 
would  be  a  cost-effective  alterna¬ 
tive  to  silicon  designed  specifi¬ 
cally  for  each  niche,  such  as  pro¬ 
cessing  XML  data. 

He  estimates  it  would  take 
about  two  months  to  define  a  pro¬ 
cessor  for  any  particular  custom¬ 
er  and  eight  months  to  build  it.  He 
says  he  plans  to  build  “a  mathe¬ 
matically  complete  solution  rath¬ 
er  than  [another  one  of]  today’s 
heuristics-based  solutions.” 

Jeff  McCarthy,  one  of  the  con¬ 
test  judges  and  a  general  partner 
at  North  Bridge  Venture  Partners, 
gave  Pereira’s  concept  a  thumbs 
up  based  on  the  credibility  of 
the  founder,  the  fact  that  what 
Pereira  is  proposing  solves  a  real 
problem  and  that  it  boasts  a 
good  value  proposition  for 
equipment  makers  and  buyers. 

Fellow  judge  Richard  Dale,  a 
principal  with  Sigma  Partners, 
says  Pereira  “clearly  knew  the 
landscape,  had  a  smart  idea,  did 
not  undersell  the  competition  or 


oversell  himself.” 

Jonathan  Wolf,  a  contest  judge 
and  co-founder  of  management 
appliance  vendor  Goldwire  Tech¬ 
nology  says  the  breadth  of  ideas 
contributed  and  the  thoughtful 
presentations  of  the  finalists  im¬ 
pressed  him.  He  emphasizes  that 
just  because  a  company  doesn’t 
convince  venture  capitalists  or 
other  investors  to  plunk  down 
millions  of  dollars  to  back  it 
doesn’t  mean  the  outfit  isn’t 
worth  establishing. 

“There  are  a  lot  of  great  busi¬ 
nesses  out  there  —  not  $100  mil¬ 
lion  companies  that  the  VCs  will 
want  to  invest  in,  but  great  busi¬ 
nesses  that  will  support  a  small 
company  and  serve  a  real  need 
in  the  market,”  he  says. 

Ryan  Jones,  an  associate  at 
Commonwealth  Capital,  says, “As 
a  first-time  entrepreneur  with 
substantial  industry  experience, 
Joe  represents  the  individuals  we 
were  hoping  to  meet  through  the 
Network  World  contest.There  are 
very  few  other  opportunities  that 
bring  together  so  many  entrepre¬ 
neurial  IT  veterans.”* 
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■  LAN/WAN  SWITCHES  AND  ROUTERS 

■  ACCESS  DEVICES  ■  SERVERS  ■  VPNS 

■  OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 

■  VOIP  ■  WIRELESS  NETWORKS 


■  GiSCO  is  adding  an  802.1  Ib/g  wire¬ 
less  LAN  card  to  its  3200  Wireless 
and  Mobile  Router  for  outdoor  net 
works.  The  package,  dubbed  the 
Metropolitan  Mobile  Networks 
Solution,  can  support  wireless  LAN 
and  cellular  WAN  connections.  The 
intent,  Cisco  says,  is  to  extend  a  Cisco 
wired  municipal  or  government  net¬ 
work  over  a  large  outdoor  area  for 
police,  fire,  building  inspectors  and 
other  users.  The  3200  router  can  be 
mounted  in  vehicles  or  on  utility  poles. 
The  new  card  costs  $900. 

■  Asante  Technologies  last  week 
introduced  Layer  2  Gigabit  Ethernet 
switches  aimed  at  corporations.  The 
IC36000  Series  of  switches  include 
24-  and  48-port  boxes  with  all  ports 
supporting  lO/IOO/IOOOBase-T  connec¬ 
tions.  The  boxes  also  support  up  to 
four  modular  small  form-factor  plug¬ 
gable  ports  for  fiber-based  Gigabit 
uplinks  to  a  backbone.  The  48-port 
IntraCore  36480  with  four  SFP  ports 
costs  about  $5,000,  and  the  24- port 
IntraCore  36240  costs  about  $2,500, 
including  four  SFP  ports. 

■  A  new  security  appliance  from 
Blue  Coat  Systems  will  let  compa¬ 
nies  scan  Web  traffic  to  their  net¬ 
work  at  a  high  speed,  spotting  virus¬ 
es  and  malicious  file  downloads  from 
Web  pages  or  Web-based  e-mail  at 
the  network  perimeter.  The  Blue 
Coat  ProxyAV  is  a  1U  appliance  that 
scans  traffic  to  Web  browsers  for 
Trojan  horse  programs,  Internet 
worms  and  malicious  content  buried 
in  HTTP  traffic.  The  appliance  is 
available  in  400  and  2000  series  ver¬ 
sions.  The  400  series  comes  in  two 
models:  the  400-E0,  which  features 
an  850  MHz  Intel  Celeron  processor 
and  512M  bytes  of  RAM,  and  the  400- 
El,  which  comes  with  a  1.26  GHz 
Intel  Pentium  III  processor.  The  2000 
series  ranges  from  the  2000-EO, 
which  features  a  2GHz  Intel  Xeon 
processor  and  768M  bytes  of  RAM, 
to  the  2000-E3,  which  features  two 
2.4GHz  Xeons  and  3G  bytes  of  RAM. 
The  Blue  Coat  Proxy  AV  costs  from 
$4,500  to  $21,000. 


Juniper  SSL  boxes  ease  net  access 


i  Remote  user  logs  on  to  2  The  gateway  retrieves  3  As  the  user  requests  access  to  servers, 
a  Juniper  SSL  remote-  authentication  information  the  Juniper  box  uses  logons  gathered 

access  gateway.  about  the  user  from  the  from  the  SAML  server  to  gain  access 

local  SAMI  server.  with  no  further  user  intervention. 


■  BY  TIM  GREENE 

Juniper  is  adding  support  for  Security 
Assertion  Markup  Language  to  its  remote- 
access  gear,  technology  that  lets  users  sign 
on  once  to  a  Secure  Sockets  Layer  remote- 
access  gateway  and  reach  network  re¬ 
sources  without  further  authentication. 

Junipers  SA  1000,  SA  3000  and  SA  5000 
gateways  sit  between  the  Internet  and  cor¬ 
porate  servers,  proxying  SSL  sessions  be¬ 
tween  remote  computers  and  servers. 
When  end  users  wanted  to  reach  a  partic¬ 
ular  application, they  previously  had  to  first 
authenticate  to  the  Juniper  device,  then  to 
the  server  they  wanted  to  reach. 

Junipers  competitors  include  Aventail, 
Check  Point,  Nortel  and  Whale  Communi¬ 
cations,  but  none  of  them  supports  XML- 
based  SAML  in  their  devices.  Without  hav¬ 
ing  to  remember  passwords  and  log  on  to 
every  application  they  want  to  access, 
users  will  find  working  over  an  SSL  Internet 
link  less  cumbersome,  the  company  says. 


With  SAML  support,  users  will  authenti¬ 
cate  to  the  Juniper  box,  and  the  Juniper 
device  checks  with  a  SAML  server  for  that 
user’s  logon  information,  which  it  then  sup¬ 
plies  to  servers  as  needed. The  SAML  stan¬ 
dard  defines  request  and  response  mes¬ 


sages  that  security  domains  use  to  ex¬ 
change  authentication,  attribute  and 
authorization  information  in  the  form  of 
trust-assertion  messages  about  named 
users  and  resources. 

See  Juniper,  page  18 


Peribit  gear  boosts  WAN  performance 


■  BY  TIM  GREENE 

Peribit  is  introducing  a  set  of  equipment 
and  features  to  boost  site-to-site  WAN  per¬ 
formance  by  compressing  larger  chunks 
of  data,  overcoming  delays  caused  by 
high-latency  links  and  utilizing  the  better 
WAN  connection  when  a  site  has  an 
alternative. 

The  company’s  new  appliance,  called 
SM-500,  caches  up  to  500G  bytes  of  data 
that  it  can  refer  to  when  scanning  WAN 
traffic.  It  then  looks  for  large  repetitive  pat¬ 
terns  it  can  send  as  shorthand  to  another 
SM-500  across  a  WAN  link. 

Compression  devices  work  in  pairs  to 
seek  data  patterns  that  repeat  within  a 
datastream  and  replace  these  patterns  with 
smaller  patterns  before  sending  the  data. 
The  receiving  box  replaces  the  smaller  pat¬ 
tern  with  the  original  data.  Peribit  competi¬ 
tors  include  Expand,  ITWorx,  Racketeer  and 
Riverbed  Technology. 

Traditional  compression  devices  have 
limited  memory  to  store  these  patterns 
and  look  only  for  relatively  short  patterns. 
Or  if  they  recognize  large  chunks  of  data, 
it  is  as  entire  files,  so  even  small  changes 
to  the  files  make  it  impossible  to  abbrevi¬ 
ate  them  with  compression. 


SM-500  views  streams  of  bits,  including 
those  that  represent  data  within  files.This 
lets  the  device  recognize  large  patterns 
within  files  so  if  small  changes  are  made, 
the  device  still  can  compress  large 
chunks  of  the  files.  The  company  says  it 
can  store  large  patterns  on  disks,  keeping 
recognized  patterns  in  its  library  indefi¬ 
nitely  The  new  device  is  expected  to  be 
available  in  August  and  costs  between 
$9,000  and  $40,000,  depending  on  the  size 
of  the  WAN  link  connected  to  it,  ranging 
from  256K  to  20M  bit/sec. 

Electric  utility  Ameren  Services  in  St. 
Louis  is  looking  at  two  of  Peribit’s  new  fea¬ 
tures  in  particular:  forward  error  correc¬ 
tion  and  TCP  spoofing  that  Peribit  calls 
Active  Flow  Pipelining.  Ameren  hopes  the 
Active  Flow  Pipelining  will  improve 
throughput  on  some  of  the  firm’s  finicky 
T-ls,says  Roger  Luechtefeld,  senior  engi¬ 
neer  in  Ameren’s  network  engineering 
department. 

Lost  packets  force  retransmissions,  and 
when  the  link  is  compressed, “we’re  losing 
a  larger  chunk  of  data,”  he  says. 

Peribit  calls  its  caching  and  compres¬ 
sion  capability  Network  Sequence  Mirror¬ 
ing.  It  is  meant  to  augment  its  earlier, short- 
pattern  recognition  technology  called 


Molecular  Sequence  Reduction  (MSR). 
SM-500  also  supports  MSR  so  it  can  inter¬ 
operate  with  Peribit  SR  appliances  that 
only  perform  MSR. 

Peribit  also  is  introducing  an  SR  device 
called  SR-100  for  speeding  connections 
between  data  centers.  It  supports  155M 
bit/sec  OC-3  connections  while  the  previ¬ 
ous  fastest  SR  was  the  SR-80  at  45M 
bit/sec.  It  does  this  by  aggregating  the 
compression  engines  in  up  to  six  SR-50 
devices  to  create  one  compression  de¬ 
vice.  SR-100  costs  between  $24,000  and 
$100,000,  depending  on  how  many  SR-50s 
are  added  to  it. 

The  company  is  releasing  a  new  version 
of  its  software  called  SR  Version  5.0  that 
adds  the  ability  to  monitor  two  connec¬ 
tions  —  say  a  frame  relay  link  between 
sites  and  the  Internet  connections  to 
those  sites.  Users  can  set  policies  that 
describe  the  latency,  packet  loss  and  jitter 
on  the  connections  and  route  applica¬ 
tions  to  the  appropriately  performing  link 
for  each  application. 

SR  5.0  also  adds  IPSec  tunneling  capa¬ 
bilities  to  all  its  devices.  So  after  traffic  has 
been  compressed,  it  is  encrypted,  but  the 
maximum  speed  of  an  IPSec  connection 
between  Peribit  boxes  is  15M  bit/sec.  ■ 
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Last  time  out  I  ranted  about  installing 
a  service  on  my  new  Linux  (Fedora,  in 
this  case), a  kindly  reader  pointed  me 
to  a  blog  rant  (www.nwfusion.com,  Doc- 
Finder:  2629)  that  appeared  at  just  about 
the  same  time.  This  was  complaining 
about  the  user  unfriendliness  of  Gnome, 
the  GUI  designed  and  supported  by 
Ximian  (now  Novell)  for  the  Linux  desk¬ 
top.  Specifically  it  talks  about  default  folder 
names  and  application  actions  on  them 
—  Jane  User  doesn’t  want  to  have  to  re¬ 
member  folder  navigation,  she  just  wants 
to  get  a  document  (or  a  picture,  or  a 
song)  with  a  minimum  of  hassle. 


To  control  or  not  to  control,  that  is  the  question 


It  isn't  just  Linux  that  needs  help,  though. 
Windows  users  have  many  of  the  same 
problems.  Especially  networked  Windows 
users.  While  many  Windows  applications 
do  default  to  folders  called  “My  Docu¬ 
ments, ”“My  Pictures,’ ’“My  Music,” and  savvy 
users  understand  they  can  create  sub¬ 
folders  within  this  structure  to  aid  organi¬ 
zation,  why  can’t  applications  specific  to 
music  or  pictures  continue  with  the 
metaphor?  Why  aren’t  music  titles  stored  as 
“cuts”  on  “platters”  stored  in  “jukeboxes”? 
Why  not  automatically  organize  photos 
by  albums  or  events?  One  reason  that  pre¬ 
vents  this  sort  of  activity  is  you,  the  net¬ 
work  manager. 

When  users  have  “home”  directories/ 
folders  on  network  storage,  they’re  usually 
given  full  rights  to  create,  maintain  and  re¬ 
move  files  from  that  area.  But  frequently 
network  managers  ask  how  they  can  allow 
full  rights  for  files  while  preventing  users 


from  creating  sub-folders.  It’s  a  question  I’ve 
never  understood, although  I’ve  been  given 
dozens  of  justifications  for  it. 

I’m  not  looking  for  anarchy  or  a  straight 
jacket  here. You  can  suggest  (even  create) 
a  template-like  folder  structure  for  new 
users  and  offer  classes, seminars  or  tutori¬ 
als,  on  efficient,  electronic  organization 
and  storage. 

The  application  vendors  should  do  a  bet¬ 
ter  job  of  standardizing  default  storage 
locations  and  names  (even  as  aliases) 
while  still  letting  users  override  those 
choices  and  pick  their  own  storage 
metaphor.  This  isn’t  nuclear  physics  — 
everyone  has  experience  organizing  their 
“stuff”  (socks, bills, books,  DVDs)  so  why  not 
a)  let  them  do  it  and  b)  use  familiar 
metaphors  for  it?  Sounds  like  a  plan. 

Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 


Valley.  He  can  be  reached  at  wired@ 
vquill.com. 


Tip  of  the  Week 


Speaking  of  plans,  July 
used  to  be  a  month  to 
plan  your  vacation  because 
very  little  was  happening. This 
year,  though,  the  Catalyst 
conference  begins  July  19 
(DocFinder:  2630),  the  Open 
Source  conference  starts  on 
July  26  (DocFinder:  2631),  and 
LinuxWorkl  begins  the  week 
after  that  (DocFinder:  2632). 
I'm  planning  to  be  at  all  three. 
Maybe  you  should,  too. 


Acopia  brings  network 
intelligence  to  storage 


Security  appliance 
protects  corp.  gateways 


■  BY  DENI  CONNOR 

Looking  to  let  customers  more  easily 
manage  their  storage  consumption,  add  or 
delete  storage  and  manage  storage  utiliza¬ 
tion,  start-up  Acopia  last  week  released  its 
first  offerings. 

The  company’s  Adaptive  Resource  Net¬ 
working  6000  and  ARX  1000  switches  link 
to  a  local  Ethernet  switch  and  tie  together 
corporate  network-attached  storage  (NAS) 
appliances  and  file  servers  under  a  unified 
umbrella.  The  software  that  ships  with  the 
ARX  6000  and  ARX  1000  creates  one  glob¬ 
al  namespace  for  all  the  attached  devices, 
so  storage  resources  can  be  pooled,  man¬ 
aged  from  one  location  and  reconfigured 
as  needed. 

“[Before  the  ARX]  each  application  was  a 
silo  situation  —  the  other  guys  didn’t  know 
when  there  is  extra  capacity  on  the  net¬ 
work,”  says  the  executive  director  of  tech¬ 
nology  for  a  large  media  company  in  the 
Northeast  who  requested  anonymity  “With 
global  name  space  and  a  tiered  storage 
model  you  can  improve  the  efficiency  of 
the  storage  you  already  have.” 

The  ARX  6000  and  ARX  1000  manage 
Unix/Linux  Network  File  System  and 
Microsoft  Common  Information  File 
System  data.The  switches  will  manage  the 
unstructured  data  —  files,  spreadsheets 
and  PDFs  —  residing  on  NAS  and  direct- 
attached  storage.  According  to  Enterprise 
Storage  Group,  unstructured  data  accounts 
for  80%  of  a  company’s  data.  As  networks 
grow  and  the  amount  of  storage  capacity 
increases,  this  data  becomes  distributed 
throughout  the  network, where  it  is  difficult 
to  manage. 

Warner  Music  in  Burbank,  Calif.,  has  20T 


bytes  of  data  on  file  servers  distributed 
across  its  network,  which  consists  of  mil¬ 
lions  of  files  ranging  from  .wav  and  MP3  to 
artwork  for  CDs.  It  uses  the  Acopia  switch 
to  consolidate  these  file  servers. 

“As  we  continue  to  double  our  storage  in¬ 
frastructure  every  year,  the  capital  expense 
of  the  infrastructure  and  the  operational 
costs  to  manage  it  are  more  important  to 
control  and  manage,"  says  Mike  Streb,  vice 
president  of  IT  services  for  Warner  Music. 
“Acopia’s  product  lets  us  quickly  gain  a 
higher  utilization  of  [storage]  and  elimi¬ 
nate  the  growing  burden  of  manually  man¬ 
aging  data  migration.” 

Acopia  was  founded  in  January  2002 
by  Cheng  Wu,  founder  of  both  Arrow- 
Point  and  Arris.  Cisco  acquired  Arrow- 
Point  in  2000  for  $5.7  billion;  Cascade 
acquired  Arris  in  1996  for  $145  million. 
The  company  is  funded  for  $40  million 
from  Star  Ventures,  St.  Paul  Venture 
Capital,  Charles  River  Ventures,  Accel 
Partners  and  Cheng  Wu. 

The  ARX  6000  is  a  chassis-mounted  box 
that  stands  13U  high.  It  has  24  100/1000M 
bit/sec  Ethernet  ports  and  can  process  as 
many  as  60  million  files  per  hour. The  ARX 
6000  has  a  total  throughput  of  10G  bit/sec. 
It  costs  about  $150,000. 

The  smaller  ARX  1000  is  available  in  a 
2U-high  configuration.  It  has  six  Ethernet 
connections  and  can  process  10  million 
files  per  hour.  The  ARX  1000  costs 
$45,000.  ■ 


Storage 
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■  BY  CARA  GARRETSON 

Attempting  to  give  corporations  a  low- 
cost  way  to  fight  spam  and  viruses,  Work¬ 
Group  Solutions  last  week  released  a  new 
version  of  its  security  appliance  with  en¬ 
hancements  to  its  reporting  and  virus- 
detection  capabilities  and  added  a  direc¬ 
tory  harvest  defense  mechanism. 

In  Version  2.0  of  SpamGate,  WorkGroup 
Solutions  has  expanded  the  reporting  capa¬ 
bilities  of  the  e-mail  appliance’s  included 
software  by  adding  the  ability  to  filter  data 
by  recipient,  sender  or  IP  address,  company 
officials  say  With  this  tool,  administrators 
can  track  how  much  spam  an  organization 
receives  and  determine  which  users  get  the 
most  unwanted  messages. 

The  company  also  has  enhanced  Spam- 
Gate’s  anti-virus  capabilities  with  the  ability 
to  detect  HTML  exploits  that  mask  exe¬ 
cutable  files  and  Web  bugs  that  track  users, 
officials  say. 


Juniper 

continued  from  page  17 

SAML  support  will  be  attractive  to  larger 
corporations  that  have  invested  in  the  cost¬ 
ly  SAML  technology, says  Robert  Whiteley  a 
senior  research  associate  with  Forrester  Re¬ 
search.  Smaller  businesses  don’t  use  SAML 
technology  widely  yet,  he  says. 

Companies  that  grant  business  partners 
and  customers  SSL  access  to  their  net¬ 
works  will  make  doing  business  with  them 
simpler  by  eliminating  the  need  to  remem¬ 
ber  new  passwords,  he  says. 

Remote  machines  could  support  SAML, 


To  help  prevent  directory  harvesting  at 
customer  sites,  SpamGate  2.0  checks  the 
source  of  each  incoming  e-mail  against  a 
list  of  valid  addresses  and  discards  invalid 
addresses,  the  company  says. 

SpamGate  sits  at  a  corporation’s  gateway 
and  uses  a  number  of  spam-detection 
tools,  including  heuristics.  Heuristics  is  a 
method  that  identifies  unwanted  e-mails 
by  looking  for  telltale  signs  in  spam.  It  also 
leverages  Bayesian  algorithms,  which 
“learn”  what  an  organization  deems  spam 
and  what  it  considers  legitimate  e-mail. 

WorkGroup  promises  SpamGate  will  cap¬ 
ture  97%  of  spam  coming  into  an  organiza¬ 
tion.  SpamGate  competes  with  e-mail  gate¬ 
way  appliances  from  IronPort  and 
CipherTrust. 

WorkGroup  says  the  cost  of  its  appliance 
ranges  from  $1,750  for  up  to  200  users  to 
$3,550  for  organizations  with  up  to  5,000 
users.  It  can  be  installed  and  configured  in 
less  than  30  minutes.  ■ 


but  that  would  require  installing  a  SAML 
software  agent  on  each  one,  which  requires 
time,  money  and  ongoing  maintenance. 

SAML  support  comes  with  Version  4.1  of 
Juniper’s  Secure  Access  software  for  its  SSL 
appliances.  SAML  support  comes  only  with 
the  Juniper  Advanced  SA  software  pack¬ 
age.  Upgrading  from  Basic  to  Advanced 
starts  at  about  $10,000. 

Whiteley  says  SSL  remote-access  ven¬ 
dors  have  engaged  in  a  feature-function 
war  about  what  their  devices  can  do,  but 
this  goes  beyond  that  to  how  these  de¬ 
vices  can  integrate  with  other  parts  of  the 
network  infrastructure.  ■ 


Profiles  in  Business  Mobility  #2  Versatility 


Why  carry  two  devices  when  you  can 

carry  just  one? 


|  \  V  If  your  employees  are  often  out  of  the  office  serving  customers,  yet 
*  they  always  need  to  stay  connected,  the  Nokia  6820  Messaging 
1%^  Device  is  the  right  call.  A  full  messaging  keypad  makes  email  fast 
and  easy.  A  color  screen  enhances  readability.  And  because  Nokia  business 
mobility  offerings  go  beyond  phones  to  enable  sophisticated  back-end 
secure  mobile  connectivity,  you  can  give  your  work-  giiEsEaSBSBii 


Nokia  security  appliance 


force  the  advantage  of  mobile  access  to  critical  data  such  as  sales  numbers, 
inventory  levels,  financials,  and  more.  When  you  think  about  it,  with  the 

tg  Device  and  business  mobility  solutions,  who 
nail,  voice,  data— even  calendar  and  contacts— 
here  your  people  need  them:  at  their  fingertips. 


Learn  how  to  mobilize  your  team  and  increase  business 
productivity.  Download  “The  Anytime,  Anyplace  World” 
white  paper  at  »nokiaforbusiness.com 
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TELEWORKERS 


Manage  all  your  remote-user  stress  away — with  simplicity,  security,  and  savings.  Now,  no  matter  what  type  of 
remote  user  you're  supporting,  you  have  an  easy  answer.  GoRemote.  Named  "a  visionary  market  leader"  in  Gartner's 
latest  Magic  Quadrant,  GoRemote  streamlines  mobile,  teleworker,  and  branch-office  connectivity  for  over  1,700 
enterprise  customers  worldwide.  Our  GoRemote  Global  Network  ”  is  the  world's  largest  and  eliminates  the  security 
concerns,  expense  issues,  and  hassle  factors  plaguing  today's  accessible-from-anywhere  enterprises.  Don't  take  our 
word  for  it.  See  what  Gartner  says.  Download  the  report  "U.S.  Managed  Remote-Access  1H04:  Leaders,  Visionaries" 
today — and  start  putting  yourself  back  in  control  once  and  for  all.  Visit  http://www.GoRemote.com/nw  or  call  866.308.8182 
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YOU'VE  GOT  ROAD  WARRIC 
AND  WORK- AT- HOMERS. 
AND  OFFICES  IN 
THE  MIDDLE  OF  NOWHERE. 

WE'VE  GOT  A  POWERFULLY 
SIMPLE  SOLUTION. 
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For  the  everywhere  enterprise. 


GoRemote  was  formerly  GRIC  Communications,  Inc. 

©  2004  GoRemote  Internet  Communications,  Inc.  All  rights  reserved.  GoRemote.  the  GoRemote  logo,  “For  the  everywhere  enterprise,*  and  GoRemote  Global  Network  are  trademarks  of  GoRemote 
Internet  Communications,  Inc.  All  others  are  properties  of  their  holders. 


A  Mgmt.  software  critical  to  HP's  plans,  exec  says 


Over  the  past  two  years,  HP's  OpenView  management 
software  division  seemed  to  be  warming  the  bench  in 
the  company's  overall  game  plan.  The  $80  billion  net¬ 
work  giant  pulls  in  revenue  from  servers,  storage  and  net¬ 
work  devices,  and  earnings  from  consumer  products  such 
as  printers.  OpenView  seemed  to  be  on  the  sidelines, 
while  boasting  something  of  a  cult  following  among 
users.  HP  says  its  management  software  will  play  a  more  important  role 
in  the  company's  utility  computing  plans,  known  as  Adaptive  Enterprise, 
which  involves  hardware,  software  and  services  working  together  to  cre¬ 
ate  dynamic  data  centers.  Nora  Denzel,  senior  vice  president  and  gener¬ 
al  manager,  Adaptive  Enterprise  and  Software  Global  Business  Unit  at 
HP  sat  down  with  Network  World  Senior  Writer  Denise  Dubie  at  HP 
Software  Forum  2004  to  discuss  how  management  software  will  help 
HP  champion  its  utility  computing  vision. 


Where  is  the  company  in  executing  on  its  Adaptive  Enterprise,  utility  computing  plan? 

Adaptive  Enterprise  is  a  three-  to  five-year  project.  And  it’s  not  an  HP  marketing 
exercise  by  any  means.  We  reorganized  our  company  our  products  and  our  teams 
around  it.  We  really  run  it  as  a  huge  cross-company,  horizontal  initiative.  And  it 
affects  everything  we  do. 

Its  roots  came  from  what  we  learned  through  our  own  transformation  that  were 
still  in  the  throes  of. We  internally  transformed  87  different  vertically  oriented  silos 
of  stuff  —  from  everything  to  salesforce  to  order  entry  to  HR  —  to  a  more  stan¬ 
dardized  simplified  integrated  infrastructure.  Now  we’re  working  on  the  business 
processes  that  we  need  to  be  much  more  adaptable. 

We  are  offering  the  pragmatic  steps  that  a  company  would  take  to  become 
more  agile.  We  allow  customers  to  really  think  big,  and  then  our  skill  is  translating 
the  infrastructure-agnostic  road  map  into  what  steps  customers  need  to  take 
specifically  We  believe  that’s  where  all  the  action  is  in  the  next  three  to  five 
years. 

We’re  strong  in  the  infrastructure  layer,  the  infrastructure  manageability  and 
application  services  levels  as  well.  We ’re  just  now  branching  into  the  business 

See  HP,  page  22 


Orchestria  hones  its  compliance  tools 


■  BY  ANN  BEDNARZ 


Software  maker  Orchestria  this  week  is 
expected  to  unveil  a  new  version  of  its 


■  Documentum  last  week  released  a 
new  version  of  its  hosted  collabora¬ 
tion  software,  eRoom.net.  The  latest 
version  is  based  on  eRoom  7.0  soft¬ 
ware,  which  includes  project  planning, 
search  and  management  tools.  It  also 
features  some  pre-configured  busi¬ 
ness  applications  including  compli¬ 
ance  and  finance.  Version  7.0  now  lets 
users  set  up  an  unlimited  number  of 
eRooms,  eliminating  per  eRoom  pric¬ 
ing.  The  service  is  priced  at  $20  per 
user  per  month  for  100  users. 

■  Ounce  Labs  announced  that  next 
month  it  will  make  available  its  secur¬ 
ity  testing  tool.  Prexis,  which  can 
examine  applications  at  the  source 
and  binary  code  level  for  security 
flaws.  Prexis,  which  runs  on  Microsoft 
or  Linux,  starts  at  $100,000. 


compliance-monitoring  software  that  is 
aimed  at  helping  companies  manage  how 
employees  use  unstructured  electronic 
communications  such  as  email,  instant 
messaging  and  the  Web. 

Orchestria  is  targeting  companies  in 
financial  services  and  other  tightly  regulat¬ 
ed  industries  that  need  to  make  sure  the 
information  being  shared  via  employee 
communications  is  in  accordance  with  the 
law.  Its  Active  Policy  Management  3.0  mon¬ 
itors  messages  in  real  time  and  alerts  users 
to  possible  compliance  breaches  —  such 
as  document-sharing  violations  or  inappro¬ 
priate  disclosures  —  before  suspicious 
content  gets  sent. 

For  example,  if  an  employee  tries  to  send 
a  document  to  a  client  without  a  requisite 
disclaimer,  Orchestria’s  software  can  warn 
the  employee  to  add  the  disclaimer. Or  if  an 
internal  message  from  an  employee  in  the 
research  department  to  someone  in  the  in¬ 
vestment  banking  division  violates  corpo¬ 
rate  information  boundaries,  the  software 
can  block  the  exchange. 

Users  say  there’s  a  market  for  such  tools. 
Regulatory  initiatives  are  driving  compa¬ 
nies  to  keep  better  tabs  on  how  corporate 
information  is  shared  and  stored,  accord¬ 
ing  to  the  Network  World  500,  a  survey  of 
500  network  IT  executives  conducted  by 
Network  World  and  Research  Concepts. 
Among  respondents,  46%  said  they  will  up¬ 
grade  their  applications  or  purchase  new 


Regulatory  crunch 

Companies  will  spend 

$5.5  billion 

this  year  to  meet 
Sarbanes-Oxley  Act 
requirements,  according 
to  AMR  Research. 


applications  this  year  to  ensure  compli¬ 
ance  with  regulations  such  as  the 
Sarbanes-Oxley  Act  for  financial  account¬ 
ability  and  the  Health  Insurance  Portability 
and  Accountability  Act  for  protecting 
patient  privacy  in  healthcare.  Another  10% 
will  do  so  in  the  next  one  to  two  years, 
according  to  the  survey 

Software  tools  designed  to  assist  regula¬ 
tory  compliance  include  products  that 
handle  data  collection,  storage,  retrieval 
and  deletion,  from  vendors  such  as  EMC, 
FileNet,  Meridio  and  Zantaz;  information 
analysis  software  for  discovering  and  inter¬ 
preting  content,  from  vendors  such  as 
Orchestria  and  Convera;  and  security  tools 
for  restricting  access  to  content,  from  ven¬ 
dors  such  as  Courion. 

New  in  Orchestria’s  Active  Policy  Man¬ 


agement  3.0  is  the  option  to  deploy  the 
software  on  a  central  server  to  extend 
coverage  to  mobile  devices;  previous  ver¬ 
sions  required  the  software  to  be  installed 
on  individual  desktops.  Server-based 
deployment  lets  companies  monitor  mes¬ 
sages  conducted  through  Microsoft 
Outlook  Web  Access  or  sent  from  corpo¬ 
rate-issued  wireless  handheld  devices, 
says  Paul  Johns,  Orchestria’s  vice  presi¬ 
dent  of  global  marketing. 

The  vendor’s  server-level  agents  are  avail¬ 
able  for  Microsoft  Exchange  Server.  These 
agents  intercept  incoming  and  outgoing 
e-mail  messages  and  send  them  to  a  pool  of 
distributed  “policy  engines”  to  make  sure 
the  content  complies  with  a  company’s 
policies.  The  policy  engines  tell  the  server 
agents  if  messages  should  be  processed 
normally  or  blocked.  If  a  message  is 
blocked,  the  software  informs  the  sender, 
recipient  and  appropriate  legal  or  compli¬ 
ance  staff  and  explains  the  nature  of  the 
infraction. 

Version  3.0  also  adds  new  capabilities 
for  monitoring  IM  conversations. To  make 
it  easier  for  staff  to  retrieve  and  review  IM 
conversations,  the  software  combines 
message  threads  into  “conversations" 
rather  than  capturing  each  IM  as  a  sepa¬ 
rate  communication,  as  it  did  in  previous 
versions. 

Active  Policy  Management  3.0  costs  be¬ 
tween  $75  and  $150  per  seat.  ■ 
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Sen.  Orrin  Hatch  (R-Utah)  last  week 
introduced  legislation  called  the 
Inducing  infringement  of  Copyrights 
Act  of  2004  just  before  press  time. This  fol¬ 
lows  a  leak  two  weeks  ago  of  an  earlier  ver¬ 
sion  of  the  bill  that  is  quite  a  piece  of  work 
if  you  read  it  literally  But  1  wonder  if  that’s 
what  we’re  supposed  to  do. 

The  leaked  version,  which  went  by  the 
name  of  the  Inducement  Devolves  into 
Unlawful  Child  Exploitation  Act  of  2004, 
had  some  people  active  in  the  copyright 
debate  going  ballistic.  It’s  easy  to  see  why. 
The  core  of  the  act,  at  least  in  the  early 


Is  there  a  little  devil  on  the  way? 


version  (1  haven’t  had  access  to  the  actu¬ 
al  bill  yet),  extends  the  definition  of  a 
copyright  infringer  to  “whoever  intention¬ 
ally  induces  any  violation”  of  copyright 
laws.  It  says:  “intentionally  induces  means 
intentionally  aids,  abets,  induces,  counsels 
or  procures,  and  intent  may  be  shown  by 
acts  from  which  a  reasonable  person 
would  find  intent  to  induce  infringement 
based  upon  all  relevant  information 
about  such  acts  then  reasonably  available 
to  the  actor,  including  whether  the  activity 
relies  on  infringement  for  its  commercial 
viability” 

Read  literally,  this  could  mean  that  any¬ 
one  selling  a  product  that  could  be  used 
to  infringe  copyright  would  be  guilty  of 
infringement.  Hatch  is  from  Utah  and 
parts  of  Utah  are  quite  stark  and  empty 
(and  beautiful  as  I  can  attest),  but  I  doubt 
that  none  of  his  constituents  use  the 


Internet  or  own  PCs,  copiers,  scanners, 
cameras,  VCRs,  TiVo,  portable  music  play¬ 
ers,  paper,  pens  or  pencils.  Since  all  of 
these  could  be  used  to  make  illegal 
copies  of  copyrighted  material  under  the 
literal  wording  of  this  bill,  anyone  selling 
any  of  these  could  be  guilty  of  copyright 
infringement.This  could  get  a  bit  dicey  for 
Intel,  Microsoft  and  pencil  makers.  (By  the 
way,  there  is  a  neat  Web  site  all  about  pen¬ 
cils  at  www.pencils.com.) 

This  is  not  the  first  time  Hatch  has  come 
up  with  half-  or  quarter-baked  anti-copy¬ 
right  infringement  ideas  (See  www. 
nwfusion.com,  DocFinder:  2627).  It  is 
entirely  believable  that  he  would  intro¬ 
duce  a  bill  like  this  even  though  at  best 
this  bill  looks  like  it  was  written  by  the 
teenage  kid  of  a  movie  studio  executive 
who  was  trying  to  protect  his  inheritance. 

But  maybe  the  draft  of  the  bill  has 
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served  its  purpose  already.  Maybe  its  only 
purpose  was  to  be  leaked  just  to  set  off  a 
cacophony  of  outrage  and  scorn.  Maybe 
Hatch  thinks  he  can  introduce  a  some¬ 
what  less  wacko  bill  that  will  sail  through 
because  it  looks  so  good  in  comparison. 

Conjuring  up  a  bogeyman  then  killing  it 
off  as  a  way  to  distract  people  while  you 
sneak  a  little  devil  into  the  room  is  not  a 
new  concept.  If  that’s  what  Hatch  is  doing, 
then  we  need  to  be  on  the  lookout  for  the 
little  devil.  It  should  be  showing  up  any 
day  now. 

Disclaimer:  Cacophony  at  Harvard  is 
hardly  new,  but  the  above  addition  to 
the  Induce  cacophony  is  mine,  not  the 
university’s. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sob.com 
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processes  more  with  products  such  as  [HP  Open- 
View]  Business  Process  Insight  for  customers  to  instru¬ 
ment  [their  networks]  and  for  us  to  offer  outsourcing 
capabilities. 

How  is  HP  integrating  business  performance  into  its  IT  man¬ 
agement  software? 

Over  time  anyone  that  only  understands  one  ele¬ 
ment  of  IT  —  the  network,  storage  or  applications  — 
will  really  be  handicapped  if  they  don’t  understand 
how  those  elements  relate.  Also  IT  managers  need  not 
only  to  understand  what  the  elements’  relationships 
are  with  the  IT  service  —  an  IT  service  could  be 
e-mail  or  ERP  or  the  Web  employee  portal  —  but  also 
with  the  business  processes. The  business  process  is 
more  how  work  gets  done.  If  you  actually  understand 
the  elements  of  it  and  modify  changes  in  the  IT  if 
there’s  a  bottleneck  in  the  process  you  can  improve 
your  earnings  per  share. 

It’s  incumbent  upon  IT  managers  to  look  left  and 
right,  what  is  my  network  connected  to.  And  they 
also  have  to  look  up  in  terms  of  what’s  the  IT  service 
;  and  what’s  the  ultimate  business  value  that  this  cre¬ 
ates.  1  think  the  very  nature  of  IT  departments,  the 
structure,  the  organization  and  the  governance  will 
change. 

Where  does  OpenView  management  software  fit  into  HP's 
overall  approach  to  delivering  Adaptive  Enterprise  products 
and  services  to  customers? 

OpenView  is  hugely  strategic  to  HP  overall.  In  terms 
of  investment,  the  OpenView  business  unit  did  1 1 
:  acquisitions  last  year.  It’s  one  of  the  four  strategic  ini¬ 
tiatives  of  the  company. Those  are  rich  digital  media, 
security,  mobility  and  manageability 

OpenView  was  always  a  line  of  business  that  had 
respect,  but  now  it’s  a  fundamental  underpinning  to 
HP’s  strategy  It  is  a  huge  part  of  how  one  monitors, 
manages  and  measures  their  environment. 


Eleven  acquisitions  is  a  lot  of  integration  work  for  HP. 
Where  is  the  company  in  integrating  the  technology  into 
OpenView? 

We  learned  a  lot  through  the  merger  with  Compaq. 
For  OpenView,  we  identified  the  technology  gaps  and 
were  able  to  fill  them  relatively  simply  In  terms  of 
technology  integration,  most  everything  we  bought 
was  already  a  partner  of  OpenView,  and  OpenView 
already  had  open  interfaces  to,  say  Novadigm  and 
other  technologies. TruLogica  and  SelectAccess  are 
already  integrated  together,  for  instance.  We  do  a  lot  of 
planning  six  months  in  advance  of  an  acquisition  to 
make  the  integration  process  go  as  smoothly  as  possi¬ 
ble.  The  Compaq  acquisition  gave  us  the  confidence 
and  the  skill  to  integrate  that  way 

One  technology  gap  noted  by  industry  watchers  is  around 
applications.  Is  HP  looking  to  acquire  any  application  life- 
cycle  testing  and/or  development  capabilities  to  compete 
with  those  technologies  from  Computer  Associates  or  IBM? 

First  of  all,  we  don’t  really  follow  or  copy  either  a  CA 
or  an  IBM.  We’re  running  our  own  race,  and  the  value 
is  really  about  the  heterogeneous  management  of 
large  complicated  data  centers  and  the  relationship 
of  all  those  things  in  there.The  fundamental  pieces 
you  need  for  that,  we  have  —  whether  it’s  really  good 
infrastructure  management  or  IT  services  manage¬ 
ment,  and  now  we’re  moving  into  business  process 
management.  In  terms  of  the  applications,  we  have  so 
much  on  there  now.  We  have  Transaction  Analyzer, 
we’ve  done  more  sophisticated  probing  into  the  diag¬ 
nostic  level  of  the  application  that  1  think  customers 
would  be  very  hard-pressed  to  need  something  that 
we  don’t  currently  offer. 

If  you  don't  consider  the  competition  in  product  plans,  how 
do  you  differentiate  HP  from  others  in  the  management 
market? 

When  you  look  at  the  market,  the  competition  is 
‘other.’ That  is  the  dominant  share  for  things  that 
would  be  classified  as  management  and  data  center 
automation  and  virtualization.  Either  customers  have 
written  their  own,  don’t  use  anything  or  use  it  from  a 
host  of  very  small  companies.  When  you  add  up  the 
top  three  big  players,  HP  included,  is  less  than  30%  of 
the  market.  It’s  wide  open,  especially  in  the  business 


process  side. There  are  not  a  lot  of  properties  there 
already  While  we  certainly  do  have  those  attack  pro¬ 
grams  if  you  convert  from  CA  or  Remedy  or  so  on, 
those  are  normal  policies  that  any  salesforce  that’s 
any  good  will  have.  But  in  terms  of  huge  competition, 
it’s  just  other.  It’s  either  doing  nothing  or  scads  of  start¬ 
ups  and  very  tiny  niche  players. 

How  does  OpenView  balance  the  big  picture  and  practical 
management  issues,  such  as  bringing  new  applications 
online  such  as  VoIP,  wireless  and  so  on? 

You’re  allowed  to  think  big,  but  then  you  act  in  very 
small  ways,  with  very  pragmatic  steps.  For  example,  we 
are  doing  IP  multicasting  with  Cisco.  Now  with 
Network  Node  Manager,  you  can  manage  a  wireless 
network  as  well  as  IP  telephony  —  those  are  just 
devices  at  the  end  of  the  network.  We’re  investing 
heavily  in  root-cause  analysis,  and  we  did  a  partner¬ 
ship  with  Packet  Design  to  go  much  deeper  than  we 
had  before. 

With  all  the  focus  on  IT  services  and  business  processes, 
where  does  network  management  come  into  play  for 
OpenView? 

Because  of  the  nature  of  networks  and  the  geo¬ 
graphic  distribution  as  well  as  the  standardization,  the 
whole  concept  of  self-healing  and  management-less 
networks  is  years  off.  Now  that  said,  you  can  automate 
a  lot  of  it.You  can  just  cut  down  a  lot  of  noise  the  net¬ 
works  are  spitting  out  and  correlate  those  things 
together.  Elements  themselves  and  the  network  are 
becoming  much  smarter.  Because  the  network  is 
much  smarter,  you  can  link  it  with  so  many  other 
things  and  the  relationships  of  that  network  becomes 
more  complex.  It  is  becoming  more  automated  and 
more  responsive  to  change.  But  we  still  need  network 
administrators.  ■ 

More  online! 

This  interview  with  Nora  Denzel 
continues  online. 
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Akamai  attack  underscores  DNS  risks 


■  BY  JENNIFER  MEARS 

An  attack  earlier  this  month  aimed  at 
DNS  services  for  high-profile  Akamai  Tech¬ 
nologies  customers  should  be  a  wakeup 
call  for  enterprise  users  to  ensure  they 
have  contingency  plans  to  deal  with  a 
growing  number  of  Internet  threats,  ana¬ 
lysts  say 

“This  really  isn’t  a  [content  delivery  net¬ 
work]  story  as  much  as  it  is  a  DNS  stoiyf 
says  Lydia  Leong,  principal  analyst  at 
Gartner.  “The  customers  impacted  hap¬ 
pened  to  be  Akamai  customers,  but  the 
real  question  has  to  do  with  DNS  tech¬ 
nologies.  I  don’t  think  this  is  any  reason  to 
get  gun-shy  with  CDNs,  but  my  advice  to 
clients  regardless  of  whether  they  out¬ 
source  their  DNS  is  that  they  should  have  a 
contingency  plan.” 

For  example,  Google,  which  was  hurt  by 
the  June  15  attack,  redirected  requests 
from  Akamai’s  servers  to  its  own  to  keep  its 
site  up,  Leong  says. 

In  addition  to  creating  an  alternate  set  of 
DNS  records, companies  also  could  deploy 
excess  Web  server  capacity  to  handle  re- 


■  Sprint  last  week  announced  it  is 
upgrading  its  nationwide  wireless  net¬ 
work  with  Evolution  Data  Opti¬ 
mized  technology.  The  upgrade  will 
increase  wireless  data  transmission 
speeds  from  about  200K  bit/sec  to  a 
range  of  300K  to  500K  bit/sec.  The 
carrier  says  it  will  spend  $1  billion  on 
the  upgrade.  Lucent,  Nortel,  Motorola 
and  Samsung,  Sprint's  current  wire¬ 
less  equipment  providers,  all  will  pro¬ 
vide  gear  for  the  EV-DO  upgrade. 

■  An  industry  organization  repre¬ 
senting  providers  Yahoo,  Micro¬ 
soft,  AOL  and  EarthLink  last  week 
released  recommendations  they  con¬ 
tend  would  greatly  reduce  spam.  The 
Anti-Spam  Technical  Alliance's  State¬ 
ment  of  Intent  includes  a  list  of  sug¬ 
gestions  and  “best  practice"  recom¬ 
mendations  for  ISPs,  e-mail  service 
providers,  governments,  corporations 
and  bulk  e-mail  senders. 


quests  should  DNS-based  global  load  bal¬ 
ancing  fail  and  could  demand  service- 
level  agreements  with  their  service  pro¬ 
viders  in  the  case  of  non-  performance, 
among  other  things,  Leong  says. 

Paul  Mockapetris.who  invented  DNS  and 
is  chairman  and  chief  scientist  at  IP  ad¬ 
dress  infrastructure  software  vendor  Nom- 
inum,  says  companies  should  put  filters  at 
the  edge  of  their  networks  to  try  to  address 
distributed  denial-of-service  (DoS)  attacks. 
He  says  hackers  are  targeting  DNS  servers 
more  often  because  DNS  is  key  to  most  In¬ 
ternet  services. 

“We  expected  [the  use  of]  DNS  to  grow 
through  new  applications  and  a  bunch  of 
other  things,  but  viruses  and  spam  and 
these  attacks  have  been  providing  a  lot  of 
the  growth,”  he  says. 

Despite  the  “sophisticated  and  large- 
scale”  nature  of  the  attack,  just  l%,or  fewer 
than  a  dozen,  of  about  1,100  Akamai  cus¬ 
tomers  were  affected  significantly  meaning 
that  more  than  20%  of  their  users  had  trou¬ 
ble  accessing  their  sites, says  Tom  Leighton, 
chief  scientist  at  Akamai. 

The  distributed  DoS  attack,  apparently 


Akamai  under  attack 

DNS-focused  attack  slowed  performance  for  major  sites  on  June  15.  A  look  at 
what  happened: 
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propagated  by  “zombie”  servers  set  up  via 
viruses  and  used  to  flood  the  DNS  servers 
with  requests, was  first  detected  at  8:30  a.m. 
EST.  DNS  servers  translate  common  URLs 
into  numerical  IP  addresses,  which  a  client 
computer  uses  to  access  Web  sites. 

Leighton  says  only  about  4%  of  Akamai’s 
customers  were  affected  and  only  half  had 
any  noticeable  problems. The  attack  was 


Powell  affirms  promise 
to  go  light  on  regulation 


■  BY  TIM  GREENE 

FCC  Chairman  Michael  Fbwell  played 
cheerleader  to  the  telecom  industry  last 
week  during  his  SuperComm  2004  keynote 
interview,  promising  to  keep  a  light  hand 
on  regulations  to  stimulate  investment  in  IP 
service  provider  networks. 

Powell  said  he  expected  2005,  not  2004, to 
be  the  year  when  telecom  fully  recovers 
from  the  past  three  years  of  hard  times.  “I 
wouldn’t  say  the  industry  is  out  of  the 
woods,”  he  said, “but  we  can  see  a  pasture 
at  the  end  of  the  tree  line.” 

Matthew  Flanagan,  president  of  the 
Telecom  Industry  Association,  interviewed 
the  FCC  chairman  on  stage. 

Fbwell  said  consumer  awareness  of  IP 
services  makes  it  clear  that  service  pro¬ 
viders  must  embrace  packet  networks.  “It’s 
not  debatable  any  more  if  your  company  is 
going  to  have  to  become  IP-enabled  to  sur¬ 
vive,”  he  said. 

He  said  he  was  pleased  that  President 
Bush  set  2007  as  the  target  for  ubiquitous 


broadband  access  to  service  provider  net¬ 
works,  although  he  regards  it  as  ambitious. 
To  reach  it,  every  possible  access  technol¬ 
ogy  will  be  needed  and  that  means  FCC 
policies  on  all  of  them. That  role  will  be 
guided  by  a  light  touch,  he  said. 

“We  should  be  driven  to  do  everything 
we  can  to  stimulate  applications,”  Powell 
said,  and  that  means  doing  as  little  regula¬ 
tion  as  possible. 

By  minimizing  the  red  tape  to  get  new  ser¬ 
vices  approved,  the  less  money  service  pro¬ 
viders  have  to  spend  on  lawyers. “They  can 
redirect  that  money  to  switches  and  fiber’’ 
he  said. 

He  also  said  the  commission  should  ex¬ 
periment  with  altering  regulations  to  en¬ 
courage  growth,  such  as  offering  more 
unlicensed  wireless  spectrum,  squeezing 
in  more  bandwidth  within  broadband 
spectrum  and  making  it  easier  to  transfer 
spectrum  licenses. “Dramatic  changes  are 
needed.  We  cannot  act  fast  enough  to  let 
the  use  of  spectrum  reach  its  highest  and 
best  use,”  Fbwell  said.B 


thwarted  and  service  returned  to  normal 
by  10:45  a.m.  EST,  Leighton  says. 

Akamai,  which  hosts  some  of  the  Inter¬ 
net’s  largest  sites,  including  Yahoo,  Google 
and  Microsoft.com,  is  no  stranger  to 
attacks,  but  Leighton  says  in  the  past  the 
service  provider  has  been  successful  in 
defending  against  them. 

“It  was  discouraging  to  see  one  get 
through  in  the  limited  way  it  did,”  Leighton 
says.  “It  makes  us  more  educated  and 
makes  us  redouble  our  efforts  to  try  to  pre¬ 
vent  that  from  happening  again.” 

In  response  to  this  incident  and  an  unre¬ 
lated  outage  in  May  that  Akamai  blamed 
on  an  internal  glitch  in  its  content  man¬ 
agement  software,  Akamai  customers  have 
mixed  reviews. 

An  online  technology  executive  at  a  large 
media  company,  who  asked  not  to  be  iden¬ 
tified, says  his  firm  uses  Akamai,  but  that  its 
sites  weren’t  hurt  by  the  latest  problem. 

“The  May  outage  concerned  me  more 
because  it  was  the  result  of  a  bone-headed 
flaw,  but  again  they  responded  pretty  well, 
kept  us  pretty  well  informed  and  so  far 
seem  to  be  serious  about  tightening  up  the 
controls,”  he  says.  “There  haven’t  been 
many  other  incidents  over  the  last  three 
years  or  so. . . .  If  it  becomes  a  habit  or  we 
have  a  longer  duration  outage  1  will  be¬ 
come  more  concerned.” 

A  vice  president  of  technology  at  a  media 
company  who  also  asked  not  to  be  identi¬ 
fied,  says  the  May  incident,  which  knocked 
his  site  offline  for  45  minutes,  is  causing 
him  to  consider  making  some  changes. 

“These  problems,  combined  with  Aka¬ 
mai’s  claim  of  being  a  ‘superior’  CDN  ser¬ 
vice  to  other  CDNs  and  thus  charging  a 
premium  price,  is  making  me  re-evaluate 
and  look  at  redundancy  options,”  he  says.  ■ 
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Presence  is  in  the  eye  of  the  beholder 


In  Lewis  Carroll’s  Through  the  Looking 
Glass,  Humpty  Dumpty  tells  Alice, 
“When  I  use  a  word,  it  means  just  what  I 
choose  it  to  mean  —  neither  more  nor 
less.”  She  replies, “The  question  is,  whether 


you  can  make  words  mean  so  many  differ¬ 
ent  things." 

Great  question,  particularly  when  the 
word  is  “presence.” 

Presence  is  hot.  Service  providers  want  to 


The  reason  the  world's  leading  companies 
rely  on  Equant  for  their  global  communications 


Your  business  communications  can't  be 
left  to  chance.  Fortunately,  there's  a 
provider  with  the  track  record  to  inspire 
your  confidence.  An  innovator  with  over  5  years 
experience  using  convergence-ready  MPLS 
technology  that  powers  business  solutions 
for  over  1100  companies.  A  provider  trusted 
by  the  world's  leading  companies. 

That  provider  is  Equant. 

Seamless.  And  that  trust  doesn't  stop  at 
any  border  -  because  Equant  is  everywhere. 
With  people  in  165  offices,  a  seamless  global 
network  that  covers  220  countries  and 
territories,  and  supported  locally  in  the  local 
language.  Our  customized  communication 
solutions  can  enable  your  key  business 
processes  wherever  you  want  to  do  business  - 
including  emerging  markets  like  India  and  China. 


Stable.  What's  more,  you  can  trust  us 
to  deliver  real  results  for  business  critical  needs. 
Solid  financials  and  steady  growth,  on  both 
client  list  and  balance  sheet.  But  don't  take 
our  word  for  it;  analysts  have  praised  Equant's 
solutions  for  global  businesses  for  years. 

Demonstrating  business  value.  And  that's 
how  we'll  earn  your  trust  -  by  understanding 
your  business  before  talking  technology. 

Our  approach  is  consultative,  not  hard-sell; 
our  people  build  relationships  by  demonstrating 
business  value  with  the  more  than  80  proven 
Equant  products  and  solutions.  We'd  like 
to  start  proving  ourselves  to  you  today. 

Go  to  the  link  below  and  see  why  Equant 
is  worthy  of  your  trust. 
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Creating  answers  together. 


offer  it.  Pundits  say  it  will  revolutionize 
business  processes.  And  vendors  of  prod¬ 
ucts  from  security  platforms  to  collabora¬ 
tion  suites  to  IP  telephony  say  their  offer¬ 
ings  are  “presence-enabled.” 

But  what,  exactly  is  presence? 

In  a  nutshell, presence  is  the  ability  to  pro¬ 
vide  real-time  context  about  a  user.  What 
sort  of  context?  Depends  on  whom  you 
ask.  Vendors  and  service  providers  with 
roots  in  traditional  telephony  define  con¬ 
text  as  primarily  about  physical  location 
and  reachability  Location-based  services 
provide  information  to  users  based  on 
their  physical  locations  (think  91 1  call  cen¬ 
ters  or  the  OnStar  satellite  service).  Here, 
context  means  geography 

A  variant  of  this  definition  includes  the 
type  of  end  device  from  which  the  user  is 
currently  reachable.  For  example,  Mitel 
Networks  offers  an  HP  Ipaq-based  IP 
phone  that  lets  the  IP  PBX  know  when  it’s 
docked  at  the  desktop.  Calls  automatically 
can  be  routed  to  the  user’s  desktop  phone. 
But  when  the  user  pockets  the  Ipaq  to  go 
downstairs  to  the  cafeteria,  calls  are  routed 
to  the  Ipaq. 

Similarly,  AOL  Instant  Messaging  and 
other  consumer  IM  services  route  IMs  to 
user  cell  phones  when  people  are  not  at 
their  desks.  In  these  examples,  context  is 
not  about  where  you  are,  but  how  you  can 
be  reached. 

A  third  definition  involves  who  you  are 
and  what  you  know.This  is  used  in  call  cen¬ 
ters  that  feature  skills-based  routing.  Calls 
are  routed  to  agents  who  can  address 
specific  inquiries.  In  newer,  presence- 
equipped  customer-contact  centers,  an 
agent  might  request  support  from  experts 
in  a  particular  field.  Such  experts  are  listed 
as  individual  IM  groups. 

Finally  vendors  of  software  collaboration 
suites  view  context  as  what  users  are 
doing.  Are  they  composing  a  memo  in 
Word?  Accessing  an  accounting  module  in 
SAP?  Writing  code?  To  these  vendors,  the 
ability  to  locate  someone  engaged  in  a  par¬ 
ticular  project  or  working  within  an  appli¬ 
cation  is  what  context  is  all  about. 

The  upshot  is  that  virtually  every  major 
vendor  is  offering  presence-enabled  col¬ 
laboration.  As  they  do,  they’re  trespassing 
onto  each  other’s  turf.  For  example,  collab¬ 
oration  suite  vendors  view  voice  as  an  add¬ 
on  to  their  collaboration  solutions,  while  IP 
telephony  vendors  see  collaboration  appli¬ 
cations  as  an  add-on  to  theirs. 

This  tees  up  an  unusual  competitive  con¬ 
stellation  in  what  we’re  calling  the  “pres¬ 
ence  wars.”  Software  players  (think  Micro¬ 
soft,  Oracle,  Sun  and  IBM)  are  going  head- 
to-head  against  network  vendors  (Cisco, 
Avaya,  Nortel  and  Siemens). 

Who  will  win?  It  is  too  early  to  call. “The 
question  is," said  Humpty  Dumpty,“  which 
is  to  be  master  —  that’s  all.” 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com 


Metro  Ethernet  gaining  a  foothold  in  market 


BY  DENISE  PAPPALARDO 


SOURCE:  IDC 


While  many  of  the  start-ups  that 
contributed  to  the  metropolitan 
Ethernet  service  hype  are  now 
gone  or  transformed,  the  surviving 
providers  have  risen  to  the  challenge  of 
providing  a  useful,  cost-effective  offering 
for  many  customers. 

Back  in  early  2000  there  were  a  hand¬ 
ful  of  service  providers,  such  as  Yipes, 

Telseon  and  Cogent,  that  launched  big 
plans  to  offer  metropolitan  Ethernet  ser¬ 
vices  to  the  masses.  A  punishing  market¬ 
place  quickly  showed  the  early  players  that  this  wouldn’t 
be  an  easy  task. 

A  case  in  point  is  Yipes. The  company  filed  for  bank¬ 
ruptcy  protection  in  early  2002  and  emerged  that  fall 
offering  metropolitan  Ethernet  services  in  10  markets. 
Telseon  was  acquired  in  2002  by  metropolitan  Ether¬ 
net  service  provider  OnFiber,  which  counts  Wal-Mart 
and  Cisco  as  customers.  Cogent  seems  to  be  going 
strong,  perhaps  because  it  diversified  in  2002  when  it 
acquired  most  of  PSINet’s  assets.This  year  Cogent  also 
acquired  metropolitan  Ethernet  service  providers  in 
France  and  Germany. 

As  metropolitan  Ethernet  service  providers  have 
changed  so  have  the  forecasts.  In  2002  IDC  predicted 
that  revenue  from  metropolitan  Ethernet  services  would 
increase  to  $740  million  by  2006.The  consulting  firm 
has  reeled  in  that  estimate  to  about  $691  million  in  a 
report  published  in  March. 

Customer  options  abound 

Despite  bumps  in  the  road,  users  are  turning  to  a  multi¬ 
tude  of  providers,  including  AT&T, Verizon,  Qwest, Time 
Warner  Telecom  and  XO  Communications  for  metropoli¬ 
tan  Ethernet  services. 

“Metro  Ethernet  has  a  lot  of  potential,  and  it  will  grow,” 
says  Ron  Kaplan,  a  research  manager  at  lDC.“lt’s  a  low- 
cost-per-megabit  alternative  to  private  line.” 

Customers  are  using  Ethernet  at  headquarters  to  inter¬ 
connect  offices  and  also  to  connect  to  data  centers 
that  might  be  collocated  across  town,  Kaplan  says.That 
is  exactly  how  Presbyterian  Healthcare  Services  and 
WatchGuard  Technologies  are  using 
the  service. 

Last  year,  Presbyterian  Healthcare 
had  a  point-to-point  ATM  network  in 
Albuquerque,  N.M.,  to  link  its  three 
main  healthcare  facilities  and  its 
one  data  center. The  company  had 
one  OC-3, 155M  bit/sec  ATM  circuit 
from  Qwest  to  its  data  center  and 
twoT-l,45M  bit/sec  circuits  to 
Presbyterian  Hospital,  Presbyterian 
Kaseman  Hospital  and  Presbyterian 
Northside  Urgent  Care  facilities. 

“We  wanted  to  double  capacity  at 
each  site,”  says  Aaron  Jaramillo,  oper¬ 
ations  manager  for  data  communica¬ 
tions  at  the  healthcare  company 


Ethernet  service  adoption 


Beyond  the  hype  and  billion-dollar  revenue  forecasts,  users  are 
adopting  Ethernet  services  to  meet  their  networking  needs. 

In  the  millions 

Based  on  actual  and 
projected  revenue, 
users  are  spending  the 
most  on  metropolitan 
Ethernet  transparent 
LAN  services. 


Year 

Transparent 

LAN 

Internet 

access 

Wholesale 

Total 

2003 

$206.9 

$115.6 

$10 

$332.5 

2004 

$258.2 

$149.1 

$12.3 

$419.6 

2005 

$320.6 

$193.9 

$15.3 

$529.8 

More  online! 

It's  magical.  The  moment  when  data,  voice  and  video 
integrate  across  your  network  and  suddenly  the 
benefits  become  real.  Listen  to  highlights  from  Johna 
Till  Johnson's  keynote  presentation  on  ways  to 
maximize  your  VoIP  investment. 
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Late  last  year  the  company  turned  to  Time  Warner 
Telecom  to  meet  the  company’s  bandwidth  goals.  In 
October,  Presbyterian  Healthcare  upgraded  to  an  OC- 
48,2.488G  bit/sec  fiber-optic  ring.  Off  of  that  ring,  the 
company  has  a  300M  bit/sec  circuit  to  its  data  center 
and  100M  bit/sec  connections  at  its  other  facilities. 

When  asked  how  he  was  able  to  negotiate  the  private 
use  of  a  single  OC48,  Jaramillo  says, “it  was  a  none-issue. 
1  asked  for  it  and  they  said  OK.”While  it’s  a  private  ring, 
Presbyterian  has  to  pay  only  for  the  bandwidth  it  uses. 
“That  was  the  easy  part  of  our  negotiations,”  he  says. 

Jaramillo  might  be  one  beneficiary  of  the  fiber  glut 
that  was  a  popular  topic  a  few  years  back.Time  Warner 
Telecom,  which  has  no  affiliation  to  the  cable  company 
with  the  same  name,  has  11,000  miles  of  local  metropol¬ 
itan  fiber  in  22  states  in  44  markets.  It  might  be  that 
many  users  in  Albuquerque  are  not  asking  for  private 
rings,  or  that  Time  Warner  wanted  to  go  the  extra  mile  to 
give  customers  what  they  want.  While  this  request  was 
easily  granted,  finding  a  price  that  worked  for  both  par¬ 
ties  took  more  work. 

As  IDC’s  Kaplan  says,  while  Ethernet  is  less  expensive 
than  traditional  private-line  offerings,  it  is  not  cheap. 

“Pricing  was  hard,”  Jaramillo  says.“When  Time  Warner 
first  came  back  it  was  virtually  the  same  cost  as  we 
were  paying  [with  ATM]. We  had  to  challenge  them. We 
were  taking  on  significant  risk  by  making  the  change, 
and  there  had  to  be  some  benefit  beyond  additional 
bandwidth.” 

Jaramillo’s  tenacity  paid  off  by  reducing  Presbyterian 
Healthcare’s  telecom  costs  by  15%  annually. 

Although  the  healthcare  facility 
went  back  and  forth  with  Time 
Warner  on  pricing,  Jaramillo  says 
the  negotiation  process  was  “pretty 
fast,”  only  30  to  45  days.  With  other 
telecom  companies,  negotiating 
the  contract  is  a  long, “painstaking 
process,"  he  says. 

The  upgrade  let  Presbyterian  de¬ 
ploy  a  digital-imaging  application 
that  lets  medical  professionals 
send  3-D  radiological  images 
across  the  company’s  network. 

Presbyterian  Healthcare’s  metro¬ 
politan  Ethernet  service  essentially 
acts  as  a  transparent  LAN  that 
keeps  all  of  the  company’s  facili¬ 


ties  connected.  Earlier  this  month  the 
company  also  added  a  10M  bit/sec  dedi¬ 
cated  Ethernet  connection  to  the  Inter¬ 
net  at  its  data  center.  The  company  was 
having  latency  problems  with  its  local 
ISRwhich  was  causing  headaches  for  the 
1 60  employees  who  work  remotely  and 
access  the  network  through  a  VPN  that 
Jaramillo’s  team  manages  in-house. 

“We  put  the  order  in  [with  Time 
Warner]  on  a  Wednesday  and  the  line 
was  provisioned  on  a  Friday”  he  says.’Jt 
was  faster  than  we  expected.” 

Presbyterian  Healthcare’s  OC-48  ring 
should  serve  the  company’s  bandwidth  needs  for  at 
least  the  next  five  years,  Jaramillo  says. 

Added  services  key 

While  doubling  bandwidth  was  Presbyterian’s  goal, 
WatchGuard  was  looking  for  a  little  more. The  security 
company  has  two  dedicated  100M  bit/sec  Ethernet  con¬ 
nections  to  its  data  center,  which  is  collocated  at  an 
Internap  hosting  facility  about  5  miles  from  the  compa¬ 
ny’s  headquarters.  XO  provides  one  of  the  100M  bit/sec 
links  and  Time  Warner  Telecom  provides  the  second. 

“It  hasn’t  been  a  big  money  saver,  but  it  has  been  a  big 
enabler  of  enhanced  services,”  says  John  Deering,  sys¬ 
tems  supervisor  at  the  Seattle  company 

About  three  years  ago  WatchGuard  ditched  its  dual  T-l 
lines  in  favor  of  10M  bit/sec  Ethernet. 

The  bandwidth  increase  let  WatchGuard  move  most 
of  its  servers  to  its  data  center.  Initially,  the  technology 
company  had  only  its  “public  presence”  servers,  which 
feed  WatchGuard’s  Web  site,  at  Internap.  As  it  increased 
its  Ethernet  bandwidth  from  10M  up  to  100M  bit/sec, 
Deering  was  able  to  migrate  nearly  all  of  WatchGuard’s 
internal  application  servers  from  e-mail  to  financials 
to  Internap. 

“It’s  all  about  redundancy  Deering  says.  He’s  using  two 
service  providers  on  separate  fiber-optic  rings  to  provide 
his  Ethernet  services.  He’s  also  using  Internap  to  host 
nearly  all  of  the  company’s  servers  because  it  has  “a 
hardened  facility  with  raised  floors,  redundant  cooling 
systems  and  redundant  power  supplies,  which  I  don’t 
have  here,”  he  says. 

Ethernet  provides  high  bandwidth  at  reasonable  per- 
megabit  prices,  which  makes  it  a  better  choice  for  a 
company  such  as  WatchGuard  that  requires  fully  redun¬ 
dant  network  facilities. 

Metropolitan  Ethernet  services  have  turned  out  to  be 
the  right  answer  for  these  users,  but  it’s  not  for  everyone. 
Because  the  service  is  dependent  on  fiber,  it’s  limited 
geographically  to  large  cities  where  carriers  have  de¬ 
ployed  large  amounts  of  fiber,  IDC’s  Kaplan  says. 

But  over  the  next  few  years  users  should  expect  more 
flexible  metropolitan  Ethernet  services.  Many  of  the 
RBOCs  have  RFPs  out  to  equipment  vendors  for  Ether¬ 
net  over  copper,  which  would  be  a  different  flavor  of 
DSL,  Kaplan  says.  More  service  providers  are  looking  at 
providing  interworking  between  their  frame  relay,  IP  and 
Ethernet  services,  he  says.  Both  Qwest  and  Verizon  have 
launched  such  interworking  support  this  year.B 
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SHAPING  YOUR  NETWORK 


DDNS  automates  DNS  database  updates 

servers  for  a  zone  to  say  “The  new  serial 
number  for  foo.com  is  10.”  Secondary 
name  servers  that  receive  these  messages 
verify  that  the  zone  has  changed  and 
request  a  zone  transfer. This  permits  rapid 
convergence  of  all  a  zone’s  authoritative 
name  servers. 

A  name  server  determines  which  other 
name  servers  to  notify  by  looking  at  the 
name  server  records  for  the  zone  that  has 
been  changed.  (The  name  server  records 
list  the  set  of  primary  and  secondary 
name  servers  for  the  zone.)  This  creates  a 
new  problem  —  much  more  frequent 
zone  transfers  by  secondary  servers. 
Because  zone  transfers  entail  sending  the 
complete  zone  data  set,  this  is  a  waste  of 
bandwidth  when  only  one  or  a  few 
changes  have  occurred. 

To  make  these  zone  transfers  more  effi¬ 
cient,  the  IETF  developed  IXFR,  which  lets 
a  secondary  name  server  request  only  the 
changes  between  the  version  of  zone  data 
it  has  and  the  current  version.  The  sec¬ 
ondary  might  say“l  have  serial  number  10 
of  zone  foo.com.  Please  send  me  the 
changes  necessary  to  bring  me  up  to 
date.” The  primary  name  server  examines 
a  journal  to  determine  which  changes 
correspond  to  which  versions  of  the  zone, 
then  sends  a  record  of  these  changes  —  a 
series  of  additions  and  deletions  —  to  the 
secondary. 

Together,  these  mechanisms  meet  the 
basic  requirement  of  letting  programs 
update  zone  data  without  administrator 
intervention  and  then  deal  with  that  capa¬ 
bility’s  consequent  complications. 

Liu  is  vice  president  of  architecture  for 
Infoblox.  He  can  be  reached  at  cricket@ 
infobIox.com. 


HOW  IT  WORKS 


Dynamic  DNS 

Dynamic  DNS  is  a  standard  mechanism  for  managing 
the  identity  of  the  dynamic  networks  created  through 
Dynamic  Host  Control  Protocol.  Special  operations 
are  needed  to  change  names  to  IP  address  mappings. 
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O  DHCP  server,  on  behalf  of  DHCP  client,  sends  update  messages  to  primary 

name  server  to  add  a  record  to  a  host’s  name  specifying  its  IP  address,  and  another 
specifying  the  name  of  the  host  at  that  address. 

©  Primary  name  server  processes  dynamic  updates. 

0  Primary  name  server  sends  Notify  messages  to  secondary  name  servers  to  inform  them  of 
changes  to  data  in  administrative  units  called  zones. 

©  Secondary  name  servers  check  zone's  records  on  the  primary  server  and  request  incremental 
zone  transfer,  if  necessary. 

©  Primary  name  server  sends  incremental  zone  transfers  to  secondary  name  servers. 


■  BY  CRICKET  LIU 

DNS  is  the  Internet’s  naming  service. 
DNS  maps  the  names  of  hosts  to  their  IP 
addresses,  letting  users  locate  Web  sites 
and  mail  servers.  Traditionally  network 
administrators  manually  updated  DNS 
databases. 

Enter  Dynamic  Host  Configuration 
Protocol  (DHCP),  which  automates  the 
assignment  of  IP  addresses  in  a  network. 
DHCP  might  assign  a  host  only  a  tempo¬ 
rary  address,  requiring  many  different 
addresses  in  succession.  Hundreds  or 
thousands  of  computers  at  a  site  may 
receive  IP  addresses  in  this  way.  As  a  result, 
the  number  and  frequency  of  IP  address 
changes  makes  manual  DNS  administra¬ 
tion  impractical. 

To  solve  the  problem,  the  IETF  extended 
DNS  to  accommodate  these  dynamic  net¬ 
working  environments.  The  IETF  devel¬ 
oped  what  is  now  referred  to  as  Dynamic 
DNS  (DDNS),  a  standard  mechanism  for 
managing  the  identity  of  dynamic  net¬ 
works  created  through  DHCP  DDNS  is  an 
umbrella  term  for  three  related  DNS  pro¬ 
tocol  extensions:  Dynamic  Update,  Notify 
and  Incremental  Zone  Transfer  (IXFR). 
The  three  DDNS  protocol  extensions  are 
closely  related. 

Easing  administration 

Name  servers,  typically  implemented  as 
software,  provide  DNS  information  to 
computers  on  the  network.  The  informa¬ 
tion  is  divided  into  administrative  units 
called  zones. 

Before  DDNS  came  along,  network 
administrators  typically  administered 
zone  data  by  editing  text  files  called  zone 
data  files.To  add  information  about  a  new 


host,  an  administrator  would  add  an  A 
(address)  record  to  the  host’s  name,  spec¬ 
ifying  its  IP  address,  and  add  a  PTR  (point¬ 
er)  record  to  the  host’s  IP  address, specify¬ 
ing  the  name  of  the  host  at  that  address. 

Dynamic  Update  is  the  basic  DDNS 
operation,  letting  software  such  as  DHCP 
clients  or  servers  send  special  messages 
to  name  servers  to  update  zone  data.  A 
DHCP  server,  for  example,  can  send  an 
update  message  to  the  primary  name 
server  for  a  particular  zone  to  request  that 
a  record  be  added  to  that  zone  to  map  a 
DHCP  client’s  name  to  its  new,  DHCP- 
issued  IP  address.The  DHCP  server  might 
send  a  subsequent  update  message  to  the 


primary  name  server  for  a  reverse-map¬ 
ping  zone  to  add  a  PTR  record  for  the 
DHCP  client. 

A  dynamically  updated  zone  can 
change  much  more  quickly  than  a  zone 
administered  by  manually  editing  a  zone 
data  file.  Unfortunately,  DNS  traditionally 
uses  a  mechanism  that  reports  those 
changes  in  intervals  of  about  15  minutes. 
That  can  be  an  eternity  in  dynamic- 
update  time  scales. 

Enter  Notify.  Notify  lets  the  primary 
name  server  for  a  zone  tell  the  secondary 
name  servers  that  the  contents  of  a  partic¬ 
ular  zone  have  changed. The  name  server 
sends  a  message  to  the  secondary  name 


Dr.  Internet 


By  Steve  Blass 


We're  deploying  an  existing  Web  service  applica¬ 
tion  to  a  new  JBoss  server  by  following  the 
“Getting  Started  with  JBoss"  manual  from 
wwwJboss.org,  but  the  j2eetutorial  examples  file 
doesn't  seem  to  match  the  documentation.  The 
application  is  ready  for  deployment,  but  we  can’t 
seem  to  get  the  right  files  in  the  right  places  to 
make  things  work.  Where  can  we  find  a  JBoss 
example  that  works,  or  some  tools  to  automate 
the  deployment? 


The  manual  is  written  for  JBoss  Version  3.2.3 
and  Version  1.3.X  of  the  Java  Software  Develop¬ 
ment  Kit  (JSDK).The  current  production  JBoss 
release  is  3.2.4,  and  using  Version  1.4X  of  the 
JSDK  is  recommended.  A  note  in  the  manual 
suggests  downloading  JSDK  Version  1.3  of  the 
j2eetutorial  package  from  Sun  for  use  with  the 
examples,  rather  than  JSDK  Version  1.4,  be¬ 
cause  the  directory  structure  is  not  the  same. 
Deployment  in  JBoss  is  supposed  to  be  as  easy 


as  copying  the  application's  enterprise  archive 
(EAR)  file  to  the  default/deploy  directory. 

Building  and  installing  the  EAR  file  can  be  auto¬ 
mated  with  JBoss-IDE,  an  add-on  for  Eclipse 
(www.eclipse.org)  that  provides  point-and-click 
application  deployment  for  JBoss. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@change 
atwork.com. 
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Feedback  on  Ducky  and  defeating  DidTheyReadlt 
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A  few  weeks  ago  we  mentioned  that 
the  headers  of  JPEG  images  created 
by  Adobe’s  Photoshop  image  editor 
contain  three  tags  —  JFIp  Adobe  and 
Ducky  —  indicating  the  file  is  in  JPEG  File 
interchange  Format  and  produced  by  an 
Adobe  program  called  Ducky 
We  asked  if  anyone  knew  why  Ducky 
should  be  the  program’s  ID.  Reader  Bill 
Verzal  suggested  we  go  to  a  certain  page 
on  Adobes  Web  site  (www.nwfusion.com, 
DocFinder:  2628)  for  some  details. 

This  page  tells  us  the  reason  for  this 
eccentricity  is  that  developers  have  a  rub¬ 
ber  ducky  obsession.  If  you  have  Photo¬ 
shop,  check  out  the  page  and  try  the  Easter 
eggs  —  it  is  obvious  that  those  coders  were 
clinically  obsessed. 

Un  petit  divertissement  (as  the  French 
would  have  it)  —  Bill’s  signature  reads: 
“There  are  only  10  types  of  people  in  the 
world:  Those  who  understand  binary  and 
those  who  don’t . . .” 

After  our  recent  discussion  about  Did¬ 


TheyReadlt,  Jim  Michael  wrote:  “As  an 
e-mail  administrator  for  a  midsize  govern¬ 
ment  organization,  a  service  like  DidThey 
Readlt.com  is  not  a  welcome  idea.  At  first 
I  thought  of  several  ways  of  preventing 
our  proxy  server  from  allowing  access  to 
didtheyreadit.com  (all  browsers  here 
must  go  through  a  proxy  to  reach  the 
Web,  and  thus  the  HTML  messages  while 
being  rendered  are  also  subject  to  the 
proxy’s  rules),  but  I  could  see  some  holes 
in  that  approach.  Then  a  colleague  said 
‘why  not  simply  put  didtheyreadit.com  in 
your  DNS,  pointing  at  a  bogus  address?’ 
Brilliant!  If  the  image  can’t  be  resolved  to 
the  server  holding  it,  tracking  doesn’t 
work  and  life  is  good  again.” 

Chris  Miller  came  up  with  a  similar  solu¬ 
tion:  “I  went  about  gathering  the  informa¬ 
tion  on  DidTheyReadlt  through  SMTP  track¬ 
ing  (and  mail  body  properties)  instead  of 
capturing  it  through  Winsock.  As  one  of 
Lotus’  largest  application  service  providers, 
DidTheyReadlt  is  a  concern  because  this 
type  of  tracking  is  not  acceptable.  As  you 
know,  with  Notes  you  can  work  offline  and 
not  have  the  perweb.nsf  database  pull  the 
image  file,  but  this  was  still  not  acceptable. 
So  we  stopped  connections  from  rampell 
soft.com  servers  entirely  through  reverse 
DNS  look-ups  and  blocklists.  It  has  worked 


well  so  far.  1  consider  you  knowing  when  1 
read  my  e-mail  just  like  finding  out  when  I 
got  your  voice  mail  and  how  many  times  I 
listened  to  it.  I  can  see  the  conversation 
now,‘Yes,Mom,yes,I  did  get  it.Yes,  1  listened 
to  it  twice  for  48  seconds.”’ 

Lyman  Chapin  pointed  out  that  “Gear- 
head’s  description  of  how  DidTheyReadlt 
works  neglected  to  mention  that  mail  re¬ 
cipients  can  easily  defeat  the  system  by 
selecting  ‘Block  loading  of  remote  images 
in  mail  messages’  (or  equivalent  in  other 
mail  clients;  I  use  Mozilla/Thunderbird  on 
a  MacOS  X  system)  in  email  client  prefer¬ 
ences.  Not  everyone,  of  course,  thinks  that 
DidTheyReadlt  amounts  to  spyware,  so  not 
everyone  will  be  interested  in  knowing 
how  to  block  it.” 

With  Outlook  this  setting  can  be  found 
under  Tools  I  Options  I  Security  I  Change 
Automatic  Download  Settings,  where  you 
can  specify  that  pictures  or  other  content 
should  not  be  automatically  downloaded 
in  HTML  mail.  There  are  also  options  to 
permit  automatic  downloads  for  messages 
from  addresses  listed  in  Safe  Senders  and 
Safe  Recipients  or  from  Web  sites  included 
in  the  Trusted  Zone. 

An  oddity  in  the  same  section  is  the  op¬ 
tion,  “Warn  me  before  downloading  con¬ 
tent  when  editing,  forwarding  or  replying  to 


e-mail.”We  have  this  checked  but  it  appears 
not  to  work.  Does  anyone  have  any  idea 
what  is  going  on  here?  Is  this  just  a  run-of- 
the-mill  bug?  Or  is  it  one  of  those  features 
that  requires  you  to  sacrifice  a  chicken  be¬ 
fore  it  works? 

Our  last  feedback  comes  from  reader 
Rick  Matthews,  who  also  pointed  out  the 
Mozilla  option  and  added,  “Some  major 
vendors  seem  clueless  to  the  large  number 
of  users  they  miss  by  insisting  on  loading 
images  from  remote  servers.  Buycom  regu¬ 
larly  sends  e-mail  ads  with  no  useful  con¬ 
tent  other  than  that  in  remote  images.They 
offer  no  alternative  for  customers  wanting 
their  ads. There  is  no  option  for  non-HTML 
e-mail,  and  there  is  not  even  an  option  to 
click  through  for  a  version  of  the  ad  on 
their  Web  site.  At  one  time,  I  bought  regu¬ 
larly  from  buycom,  but  I  have  not  made  a 
single  purchase  since  they  started  this 
practice.  What  are  they  thinking?” 

An  interesting  point. We  doubt  that  a  pro¬ 
fessional  marketing  organization  would 
blindly  use  a  technique  without  knowing  if 
it  was  effective.  Makes  you  wonder  if  they 
are  using  some  variation  on  the  remote 
image-loading  technique  to  measure  on¬ 
line  user  behavior. 

Suspicions  to  gearhead@gibbs.com. 


CoolToo 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


The  scoop:  GPS  Navigator,  from  palmOne,  about  $300. 

What  it  does:  The  GPS  Navigator  is  a  small,  paperweight¬ 
sized,  portable  device  that  can  connect  to  GPS  satellites  to 
provide  location  information  for  driving  directions.  The 
device  also  has  a  Bluetooth  radio  to  wirelessly  connect  to 
a  palmOne  Tungsten  T3  or  Zire  72  (the  newer  handhelds 
with  Bluetooth  radios),  and  includes  mapping  software 
from  TomTom. 

The  entire  package  comes  with  vehicle-mounting  equip¬ 
ment,  power  chargers  (including  a  cigarette  lighter 
adapter)  and  cables;  and  eight  CDs  of  maps  that  cover  the 
U.S.  and  Canada.  Maps  are  downloaded  and  stored  on  a 
Secure  Digital  card,  not  on  the  palmOne  device  itself. 

The  TomTom  software  provides  turn-by-turn  driving 
directions  to  get  you  to  your  destination  and  voice  naviga¬ 
tion  commands,  such  as  “In  800  yards,  turn  left.”  If  you  miss 
your  turn,  the  software  will  calculate  a  new  route. You  also 
can  have  the  software  find  an  alternative  route, should  you 
run  into  a  traffic  jam,  construction  or  if  you  just  don’t  like 
the  route  the  software  has  chosen.When  you  begin  driving, 
the  software  will  use  the  GPS  connection  from  the  Navi¬ 
gator  device  to  determine  your  location  and  calculate 
your  speed.On  the  screen, the  software  provides  a  3-D  view 
of  your  current  location,  or  you  can  switch  to  a  more  tra¬ 
ditional  top-down  view  (the  2-D  map  view). 

Why  it’s  cool:  When  the  entire  system  works,  the  GPS 
Navigator  and  TomTom  software  will  make  sure  you  don’t 
get  lost  when  trying  to  find  an  address  or  location. The  3-D 


GPS  Navigator  gets  lost  in  configuration 


view  gives  a  different  perspec¬ 
tive  and  lets  you  see  in  general 
where  your  next  turn  will  be, 
and  the  voice  directions  are 
given  enough  in  advance  to 
make  sure  you  don’t  miss  that  turn. 

We  love  how  the  system  can  re-cal- 
culate  your  route  in  a  moment’s  notice  if 
you  do  miss  a  turn. The  vehicle-mounting 
cradle  connects  to  a  dashboard  via  a 
suction  cup,  which  means  we  didn’t  have 
to  permanently  install  the  device  in  our  car. 

And  getting  eight  full  CDs  of  maps  that 
cover  the  entire  U.S.  and  Canada 
almost  makes  it  worth  the  price. 

Why  it’s  not:  We  had  a  lot  of 
trouble  configuring  the  GPS 
and  connecting  Bluetooth  to  the 
Tungsten  T3.  After  several  attempts 
to  turn  the  device  on  and  off,  we 
called  a  palmOne  product  manager, 
who  said  the  problem  was  the  Blue¬ 
tooth  connection,  not  the  GPS  connec¬ 
tion.  The  problem  is,  there’s  no  indicator 
that  tells  you  whether  you  have  established  a 
Bluetooth  connection  with  the  GPS  Navigator.  We 
were  told  to  reset  the  T3,  then  re-establish  the  Bluetooth 
link  to  get  things  started  again. We  had  to  do  this  each  time 
we  started  a  new  trip. 

We  also  found  that  the  maps,  while  useful,  were  not 
always  accurate.  Smaller  roads  were  often  missing  from 
the  maps,  and  points  of  interest,  such  as  the  location  of  a 
gas  station,  were  often  not  in  the  right  place  (although 
they  were  close  enough  if  we  were  running  out  of  gas  and 


When  palmOne's  GPS  navigation  package  works,  it  can 
help  you  find  your  way.  But  setting  it  up  can  be  tricky. 


needed  to  find  one).  More  importantly  the  soft¬ 
ware  incorrectly  identified  the  location  of  our 
home  address,  and  it  wouldn’t  even  let  us  enter 
the  address  for  work  —  we  tried  entering  “1 18 
Turnpike  Road”  and  the  software  told  us  we 
needed  to  enter  a  number  between  164  and 
399,  which  was  farther  down 
the  road  from  our  actual 
location. 

You  also  will  need  to 
use  the  car  power 
chargers  because  the  sys¬ 
tem  will  drain  the  Tungsten 
T3  in  less  than  two  hours  if 
a  charger  is  not  connected. 

Bottom  line:  If  you  make 
a  lot  of  trips  and  depend 
on  finding  locations 
quickly,  this  system  can 
provide  a  good  alternative  to 
buying  a  more  permanent  in- 

car  GPS  package. 

The  portability  of  the  GPS  Navigator  (you  can  throw  it 
in  your  pocket  and  bring  it  with  you)  offers  a  chance  to 
navigate  when  you’re  away  from  the  vehicle. 

But  for  more  casual  users,  the  hassle  of  configuration  and 
the  drain  on  your  handheld’s  battery  make  this  system  an 
expensive  (and  sometimes  frustrating)  navigation  toy 
Grade:-*"*-*  (out  of  five) 

Shaw  can  be  reached  at  kshaw@nww.com. 
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Companies  adopting  HP  Integrity  servers,  powered  by  industry-leading  Intel  Itanium  2  processors,  are  seeing 

remarkable  gains  in  performance.  The  momentum  is  building.  One  after  another,  companies  are  choosing  HP  Integrity  servers.  Leading  software 
and  technology  partners  such  as  BEA,  Microsoft®  Oracle,  SAP  and  Siebel  Systems  have  embraced  the  platform  as  an  industry  standard.  And  with  the  ability 
to  manage  a  mixed  environment  of  UNIX,  Microsoft'  Windows®  Linux  and  OpenVMS,  HP  Integrity  servers  are  fast  becoming  the  ultimate  consolidation  tool. 
Demand  maximum  performance,  reliability  and  cost-efficiency  now,  on  a  platform  that  will  carry  you  forward  into  the  future.  Demand  performance  that's 
real-world  proven,  and  get  it— with  HP  Integrity  server  solutions. 


Choosing  HP  Integrity  servers,  choosing  results. 


AIRBUS  UK: 

Running  HR-UXlli 
on  HP  Integrity  servers, 
20-30  wing  design 
simulations  that  used 
to  take  weeks  are 
now  done  overnight. 


COMPUSA: 

Going  with  64-bit 
architecture  using  HP 
Integrity  servers,  they 
cut  access  time  to 
inventory  data  by  up 
to  85%. 


FIAT  AUTO: 

Standardizing  on  64-bit 
infrastructure  using  HP 
Integrity  servers,  they're 
integrating  and  enhancing 
sales  and  service  as  well 
as  streamlining  the  buying 
process  while  lowering 
sales  cost. 


THE  KOEHLER  GROUP: 

Moving  to  an  environment 
composed  of  HP  Integrity 
servers,  they  gained 
a  50%  improvement  in 
mission-critical  performance. 


To  get  the  IDC  white  paper  outlining  the  performance  of  HP  Integrity  servers  with  Intel  Itanium  2  ;w 

processors,  go  to  hp.com/go/demandlntegrity6  or  call  1-800-282-6672,  option  5,  mention  code  AQHG,://^ 


Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Itanium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  U.S.  and  other  countries.  Microsoft  and  Windows  are  either  registered  trademarks  or  trademarks  of  Microsoft  Corporatio- 
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ON  TECHNOLOGY 

Beth  Schultz 


The  joy  of 
networking 

American  novelist  Pearl  S. Buck, a  Nobel  laureate  for 
literature,  once  wrote, “The  secret  of  joy  in  work  is 
contained  in  one  word  —  excellence.To  know  how 
to  do  something  well  is  to  enjoy  it.” 

Who  could  disagree?  When  you’ve  poured  your  best  into 
a  network  project,  perhaps  taken  a  chance  on  a  newer 
technology  or  unusual  implementation  to  improve  busi¬ 
ness  operations, you’re  bound  to  enjoy  in  its  success.  We 
think  it  should  be  shared. 

That’s  why  each  year  we  honor  readers  who  show  excel¬ 
lence  in  their  work  with  two  awards  —  the  Extended 
Enterprise  Innovator  Award  and  the  User  Excellence 
Award. 

The  Extended  Enterprise  Innovator  Award  recognizes 
organizations  that  have  realized  significant  gains  by  creat¬ 
ing  IP-based  electronic  ecosystems  that  connect  employ¬ 
ees,  customers  and  business  partners.  In  2003,  we  honored 
energy  industry  giant  Halliburton  for  a  sophisticated  yet 
easy-to-use  portal  that  delivers  rich  technical  content,  inter¬ 
active  tools,  collaborative  features  and  e-commerce  func¬ 
tions  for  customers, suppliers  and  employees. The  system 
provides  such  high  value  that  few  participants  will  leave  it. 

We  now  are  accepting  entries  for  the  Extended 
Enterprise  Innovator  Award,  which  will  be  evaluated  on 
technical  sophistication,  innovation  and  business  impact. 
Winning  projects  will  be  profiled  in  our  Extended 
Enterprise  Signature  Series  edition  Nov.  15. 

The  User  Excellence  Award,  now  in  its  20th  year,  is  an 
honor  bestowed  on  an  organization  that  demonstrates 
exceptional  use  of  network  technology  to  empower  corpo¬ 
rations.  Last  year’s  winner,  Washington  Mutual, grabbed  our 
attention  by  deploying  a  massive  Multi-protocol  Label 
Switching  (MPLS)  network  that  enabled  the  company’s 
rapid  expansion  nationwide.  One  day  last  August,  for  exam¬ 
ple,  WaMu  opened  32  bank  branches  in  Chicago  —  the 
MPLS  network,  which  connects  3,000  locations,  never 
missed  a  beat. WaMu  executives  say  the  network  reduced 
operational  costs  by  25%  in  the  first  year  and  expect  to 
realize  similar  gains  over  the  next  three. 

In  judging  User  Excellence  Award  entries,  we  look  for 
projects  that  use  mainstream  technologies  creatively  or 
that  employ  newer  technologies  to  solve  pressing  business 
problems.  We  will  showcase  the  winning  projects  in  our 
Dec.  27  Rower  Issue,  a  Signature  Series  edition. 

So  add  to  the  joy  of  a  job  well  done  by  getting  in  the  run¬ 
ning  for  Network  World’s  Extended  Enterprise  and  User 
Excellence  Awards.  Nomination  forms  will  be  available  at 
www.nwfusion.com,  DocFinder  2633,  through  Aug.  28. 

—  Beth  Schultz 
Editor,  Signature  Series 
bschultz@nww.  com 
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Unwelcome  interference 

Your  story  “HomePlug  trials  hitting  the  market” 
(www.nwfusion.com,  DocFinder:  2624)  does  not 
mention  the  adverse  interference  Broadband 
Powerline  (BPL)  causes  to  radio  communications 
in  the  1.8-MHz  to  80-MHz  frequency  range.  Services 
disrupted  include  shortwave  broadcasts,  medium- 
and  high-frequency  two-way  radio  communica¬ 
tions  (military,  homeland  security,  marine  and  ham 
radio),  military  land-mobile  communications  in 
the  30-MHz  to  88-MHz  range,  and  local  business 
and  public  safety  communications  in  the  29-MHz 
to  50-MHz  range. 

In  all  field  trials,  interference  to  various  radio  ser¬ 
vices  has  been  observed  in  every  location.  In  some 
cases,  this  interference  was  documented  at  more 
than  1  mile  from  the  test  power  line. 

By  FCC  definition,  BPL  is  a  Part  15  radio  service 
and  does  not  require  a  license.  Under  these  guide¬ 
lines,  Part  15  devices  must  not  cause  any  interfer¬ 
ence  to  existing  licensed  users  and  services,  and 
must  accept  any  interference  from  existing 
licensed  users  and  services. 

BPL  is  a  great  idea  —  on  paper.  In  the  real  world, 
it  is  wreaking  too  much  havoc  in  the  few  trials  con¬ 
ducted  so  far.  FCC  Chairman  Michael  Powell’s  push¬ 
ing  for  this  service  is  misguided  at  best.  Powell  is  a 
self-described  “cheerleader”  for  the  technology  The 
commission  simply  does  not  want  to  hear  the  bad 
news,  only  the  good,  about  BPL. 

Several  groups,  including  the  National  Telecom¬ 
munications  and  Information  Administration, 
AMSAT-North  America,  Association  of  Public-Safety 
Communications  Officials  International,  National 
Public  Safety  Telecommunications  Council  and  the 
American  Radio  Relay  League,  have  filed  com¬ 
ments  with  the  FCC  on  BPL  citing  grave  concerns 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


over  interference  issues. 

Yes,  I  see  the  need  in  this  country  for  high¬ 
speed/broadband  Internet  access.  Heck,  I  can 
only  connect  at  28.8K  bit/sec  at  my  home.  But 
high-speed  access  that  causes  electronic  interfer¬ 
ence  to  so  many  other  existing  services  is  not 
worth  it  at  any  price. 

Mark  Cobbeldick 
Lynchburg,Va. 

More  proof  needed 

In  her  column  “Voice  and  data:  Three  big  myths” 
(DocFinder:  2625),  Johna  Till  Johnson  seeks  to  dis¬ 
prove  the  “assumption  that  voice  systems  are  inher¬ 
ently  engineered  to  greater  reliability  than  data  net¬ 
works,”  adding, “Want  proof?  I  was  in  Manhattan  on 
Sept.  11, 2001.  Though  both  the  landline  and  cellu¬ 
lar  voice  networks  failed,  I  was  able  to  send  and 
receive  e-mail  and  instant  messages  throughout  the 
morning.” 

This  is  only  “proof”  that  data  networks  are  more 
reliable  than  voice  networks  by  the  measure  of, 
“Which  network  can  send  and  receive  messages 
when  planes  crash  into  two  of  the  tallest  buildings 
in  the  world?”  A  valid  criterion  but  highly  specific, 
which  most  evaluators  would  agree  tells  far  less 
than  the  whole  story  Before  I  dismiss  the  old 
assumption,  I  would  have  to  see  how  data  networks 
stack  up  in  terms  of  some  of  the  old  standby  mea¬ 
sures,  starting  with  uptime  percentages. 

Of  course  this  question  is  becoming  increasingly 
academic  because  even  voice  systems  increas¬ 
ingly  rely  on  computers  connected  to  the  data  net¬ 
work  for  such  things  as  voice  mail  retrieval.  Which 
makes  one  also  wonder  if  the  failure  experienced 
with  both  the  landline  and  wireless  voice  variants 
wasn’t  because  of  some  underlying  fault  in  the 
data  system. 

Alan  Deger 
Boulder,  Colo. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  2621 
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THROUGH  CHANNELS 

Ken  Presti 


ecently  I  showed  my  new  racing  bicy¬ 
cle  to  a  friend  who’s  so  serious  about 
the  sport  that  he  looks  at  any  roadster 
costing  less  than  $1,000  with  a  jaundiced 
eye.  “A  little  heavy”  he  commented.  I  picked 
up  the  bike  and  started  doing  curls  with  it  as 
though  I  were  lifting  weights.  “Not  just  a 
bike,”  I  quipped. “Its  a  complete  fitness  solution.” 

Over  the  years,  the  word  “solution”  has  been  transformed  into  a 
marketers  Holy  Grail  —  sometimes  with  real  meaning  and  some¬ 
times  without.  Nowhere  is  this  more  apparent  than  in  relationships 
between  vendors  and  value-added  resellers,  integrators  and  other 
members  of  the  indirect  channel  who  sell,  deploy  and  support  their 
products. 

Just  about  all  the  vendor  programs  that  support  these  alliances 
urge  partners  to  approach  their  customers  as  an  all-encompassing 
technology  provider  —  leading  with  that  particular  vendor’s  prod¬ 
ucts,  of  course.  Perhaps  this  approach  is  linked  to  the  shriveling  prof¬ 
it  margins  associated  with  point  products.  In  any  event,  channel  part¬ 
ners  constantly  are  encouraged  to  piece  together  solutions  that 
include  hardware, software,  connectivity  and  support. 

This  is  generally  good  news  to  “one-throat-to-choke”  advocates  who 
seek  to  avoid  the  inevitable  finger-pointing  that  occurs  when  differ¬ 
ent  parties  team  up  on  a  “solution.”  But  a  certain  amount  of  due  dili¬ 
gence  is  warranted.  Not  all  forms  of  expertise  are  created  equal,  and 
end  users  must  learn  to  distinguish  between  areas  of  genuine  com¬ 
petence  and  wishful  thinking. 


Sussing  out  solution-based  selling 


If  you’ve  worked  with  a  particular  reseller  for  an  extended  time 
period,  you  probably  know  its  skills  and  follow-through  capabilities 
well.  If  you’re  about  to  enter  a  new  area  with  the  company,  a  basic 
discussion  about  the  direction  of  its  business  and  degree  of  training 
will  probably  suffice.  Many  vendors  also  bestow  some  form  of  a  seal 
of  approval  when  a  channel  partner  develops  competency  in  a  new 
area.This  is  worth  asking  about  —  especially  if  the  new  offering  rep¬ 
resents  a  significant  expansion  from  the  partner’s  core  business. 

When  working  with  a  channel  partner  for  the  first  time,  it  is  wise  to 
add  the  extra  step  of  validating  its  responses,  either  through  the  spe¬ 
cific  vendors  or  through  checking  references  with  other  end-user 
companies  that  already  have  traveled  this  path.  In  many  cases,  end 
users  might  also  know  of  individuals  in  the  industry  who  are  not  inte¬ 
grators  but  have  sufficient  grounding  in  the  given  technology  to  pro¬ 
vide  a  basic  sanity  check  on  a  channel  partner’s  proposal.  If  their 
recommendations  are  at  odds  with  those  of  the  channel  partner,  ask 
the  vendor  to  help  arbitrate  the  conflicting  viewpoints. 

All  things  considered,  having  one  channel  partner  that  can  meet  all 
of  your  technology  needs  —  and  do  so  economically  —  is  probably 
more  the  exception  than  the  rule.The  key  is  to  develop  relationships 
with  knowledgeable  partners  who  can  admit  what  they  don’t  know 
and  assemble  the  necessary  outside  expertise  to  fill  in  the  gaps. With 
such  a  relationship  in  place,  IT  managers  can  capitalize  on  this 
streamlined  approach  to  technology. 


Over  the  years, 
the  word 
“solution"  has 
been  trans¬ 
formed  into 
a  marketer's 
Holy  Grail . . . 


Presti  is  research  director  of  IDC's  Network  Channels  and  Alliances 
service.  He  can  be  reached  at  kpresti@idc.com. 


TELECOM  CATALYST 

Daniel  Briere 

We  take  it  for  granted  that  there  are 
some  fairly  clear  lines  that  you  don’t 
cross  —  and  if  you  do,  supposedly 
you’ll  get  into  a  lot  of  trouble. 

Take  identity  theft.  Say  you’re  Enterprise  A 
with  Competitors  B,  C  and  D.  If  an  overzeal- 
ous  salesperson  for  Competitor  B  were  to  go 
to  Hotmail.com, set  up  an  account  using  your  vice  president  of  sales’ 
name  and  identity,  and  then  send  out  e-mails  to  your  clients  stating 
falsehoods  about  your  products,  this  clearly  would  be  over  the  line, 
illegal  and  the  perpetrator  would  get  in  big  trouble  over  it,  right? 

Unfortunately,  it’s  not  as  clear-cut  as  you  might  think.Take  the  case  of 
Ron  Fitch  v.John  Doe,  now  going  before  the  Maine  Supreme  Court.  On 
Christmas  Eve,  someone  (John  Doe)  created  a  Hotmail  account  in 
Fitch’s  name,  using  Fitch’s  dead  Saint  Bernard’s  name  as  the  password, 
and  sent  an  e-mail  to  Fitch’s  neighbors  containing  a  cartoon  lampoon¬ 
ing  Fitch,  his  wife  and  their  dead  dog.  Fitch,  understandably  upset, 
traced  the  e-mail  to  a  Time  Warner  account  using  the  e-mail  header 
information  and  sued  John  Doe,  obtaining  a  subpoena  from  the  court 
for  Time  Warner  to  release  John  Doe’s  subscriber  information.  John 
Doe,  not  wanting  to  embarrass  himself,  has  been  spending  a  ton  of 
money  to  try  to  stop  the  release  of  his  identity.  (In  the  interest  of  dis¬ 
closure,  Fitch  is  my  father-in-law.  For  the  full  story,  go  to  www.nwfu- 
sion.com,  DocFinder.  2622.) 

It  turns  out  one  of  the  major  arguments  John  Doe’s  attorneys  are 
making  is  that  much  of  the  hoopla  we’ve  heard  out  of  Washington 
about  going  after  spammers  and  protecting  people’s  identity  and  the 
like  has  been  geared  toward  criminal  cases.The  case  law  regarding 
the  civil-case  use  of  subpoenas  and  court  orders  to  release  sub¬ 
scriber  information  is  less  clear. 

Moreover,  trying  to  get  the  police  interested  in  a  situation  like 
Fitch's  —  which  the  Portland  police  thus  far  have  deemed  a  neigh¬ 
borhood  spat  not  worth  their  attention  —  is  almost  impossible.  It 


So  I  stole  your  identity . 


takes  a  lot  of  money  —  damages,  that  is  —  to  get  the  police  involved 
these  days.  So  the  burden  becomes  one  of  having  to  sell  your  crimi¬ 
nal  case  to  the  police  to  get  a  sense  of  justice,  or  having  to  deal  with 
a  far  less  specific  body  of  civil  law. 

I’m  sure  there  are  a  lot  of  lawyers  out  there  who  will  chime  in  with, 
“Well,  what  about  Schintler  v.Boogyman  in  Nebraska,” or  something  like 
that.  Sure,  there  are  probably  isolated  cases  here  and  there,  but  what’s 
been  clear  in  the  coverage  of  the  Fitch  case  is  that:  1)  it’s  hard  to  get  the 
police  excited  about  your  case,  even  when  someone  clearly  has  com¬ 
mitted  a  crime  against  you,  when  the  damages  are  hard  to  prove  and 
more  likely  to  involve  pride  than  the  pocketbook,  and  2)  it’s  harder  to 
make  decent  progress  in  civil  cases  lacking  clear  support  in  the  legis¬ 
lation  and  case  law. 

Take  our  example  of  Enterprise  A.  The  hypothetical  e-mail  could  be 
set  up  to  look  like  a  standard  notification  from  your  company  and 
could  say  totally  factual  things  —  exposing  the  pitfalls  and  downsides 
of  your  product,  in  an  “alert”  to  customers.  Clearly,  this  is  something  of 
which  Competitor  B  could  take  advantage  and  turn  into  sales. 

But  how  do  you  prove  that?  And  even  if  you  prove  it,  do  you  have 
the  money  and  time  to  do  something  about  it?  (Fitch  might  have  to 
wait  a  year  just  to  find  out  if  the  Maine  Supreme  Court  will  order  the 
release  of  John  Doe’s  identity.)  And  lacking  clear-cut  major  revenue 
impact,  will  you  be  able  to  get  the  police  interested  in  your  case? 

Unfortunately  the  law  does  not  appear  to  be  on  our  side.  We  should 
not  have  to  rely  on  proving  to  a  police  investigator  that  situations  such 
as  this  could  be  really  damaging.  Washington  needs  to  reaffirm  the 
intent  of  its  legislation  to  be  binding  in  civil  and  criminal  cases, and  put 
some  real  legal  teeth  into  civil  statutes  to  allow  discovery  of  identities 
in  cases  where  such  flagrant  abuse  has  occurred. 

Briere  is  CEO  of  TeleChoice,  a  market  strategy  consultancy  for  the 
telecommunications  industry.  He  can  be  reached  at  telecom 
catalyst@telechoice.  com. 


.  sue  me! 


Unfortunately, 
the  law  does  not 
appear  to  be  on 
our  side. 


ADVERTISEMENT 


IM  Has  Invaded  the  Enterprise  -  R  U  Concerned? 


Instant  Messaging  is  now  an  enterprise-wide  busi¬ 
ness  requirement.  According  to  IDC,  60-70%  of  all 
enterprises,  large  or  small,  cited  productivity 
improvements,  collaboration  and  best  practices  as  the 
primary  business  drivers  to  adopt  IM  across  all  their 
employees.  IM  has  grown  beyond  use  by  rogue 
enthusiasts  into  an  enterprise-wide  communication 
and  collaboration  tool.  IDC  predicts  that  business 
users  will  account  for  nearly  half  of  the  506  million  IM 
users  expected  online  by  2006. 

Because  the  adoption  of  IM  in  the  enterprise 
accelerated  through  public  IM  networks  like  AOL, 
MSN  and  Yahoo,  IM  usage  has  grown  under  the 
radar,  unmonitored  and  uncontrolled.  As  an  enterprise- 
class  solution,  IM  must  be  managed  and  controlled  as 
a  mission  critical  service,  in  much  the  same  way  as  dial 
tone,  e-mail,  and  Web  access.  IT  organizations  have  to 
balance  IM’s  inherent  productivity  enhancements  with 
secure  management  that  ensures  alignment  with 
company  policy  for  security,  corporate  accountability 
and  regulatory  compliance. 

It  can  be  daunting  to  deploy  an  enterprise-wide 
Instant  Messaging  solution  to  address  the  inherent 
security  and  legal  risks  associated  with  IM.  As  an  IT 
executive  charged  with  meeting  the  company’s  messag¬ 
ing  requirements,  where  should  you  start?  How  can  you 
balance  the  short-term  need  to  get  IM  under  control 
with  longer-term  objectives  of  building  a  scalable, 
reliable,  enterprise-class  IM  infrastructure? 


As  IM  adoption  continues  to  explode, 
the  pressure  is  on  IT  organizations  to 
secure  and  manage  it. 


There  are  6  key  factors  critical  to  deploying 
an  enterprise  IM  infrastructure: 

1.  Certified  Management  for  all  IM  networks 

Employees  need  to  communicate  with  customers, 
partners  and  vendors  who  use  a  variety  of  different  IM 
networks.  Even  after  the  IT  organization  deploys  an 
enterprise  IM  system  internally,  such  as  Microsoft 
Office  Live  Communications  Server  or  IBM  Lotus 
Instant  Messaging  and  Web  Conferencing  (formerly 
Lotus  Sametime),  communication  across  the  firewall 
requires  use  of  the  public  networks.  Enterprise-class 
IM  management  supports  IM  on  multiple  platforms, 
including  AOL,  MSN,  Yahoo  and  IBM,  so  employees 
can  reach  key  business  contacts  regardless  of  network. 

2.  Best-of-breed  Security 

Unfortunately,  with  the  most  pervasive,  fastest 
growing  communication  medium  comes  the  most 
covert  viral  threat.  IM  is  a  conduit  in  and  out  of  an 
organization.  The  IT  department  has  to  guarantee 
security,  compliance  and  policy  management  through 
centralized  deployment  and  management,  for  both 
internal  and  external  IM  usage.  Enterprise-class  IM 
management  solutions  protect  the  organization  with 
comprehensive  policy  enforcement  to  stop  viruses, 
block  SP1M  (Spam  over  IM),  filter  IM  content  and 


control  file  transfer.  They  allow  usage  to  be  controlled 
for  individuals  and  groups.  Identity  management 
restricts  the  use  of  the  organization’s  domain  name 
to  authorized  employees,  mapping  IM  identities  to 
corporate  names  and  preventing  identity  theft. 

3.  Legal  Risk  and  Corporate  Governance 

For  many  businesses,  the  need  to  comply  with 
legal  and  corporate  accountability  standards  like  SEC, 
NASD,  and  HIPAA  is  driving  the  search  for  an  enter¬ 
prise-class  IM  management  solution.  The  problem 
is  about  more  than  logging  and  archiving.  Even  in 
industries  that  are  not  bound  to  regulatory  compli¬ 
ance,  corporate  governance  means  that  companies 
must  conform  to  legal  and  ethical  restrictions  while 
conducting  business.  The  organization’s  corporate 
communications  policies  must  be  applied  to  IM, 
which  faces  the  same  retention  requirements  as 
e-mail.  An  enterprise-class  IM  management  solution 
allows  all  IM  to  be  tracked  across  public,  hosted  and 
enterprise  IM  networks. 

4.  Global  Enterprise-class  Scalability  and  Reliability 

Enterprise  IM  management  has  to  be  highly  avail¬ 
able,  transparent  to  users  and  easy  to  administer.  For 
the  long  term,  IT  departments  need  an  IM  manage¬ 
ment  solution  that  addresses  increases  in  user  num¬ 
bers  and  traffic.  In  large-scale  rollouts,  where  any 
amount  of  desktop  configuration  is  unwieldy  and 
expensive,  deployments  have  to  be  done  without 
touching  the  desktop.  Reliability  and  fault-tolerance 
are  requirements  for  large  global  IM  deployments. 
Scalability  and  performance  were  critical  when 
80,000  seats  were  deployed  at  the  largest  investment 
bank  and  brokerage  firm. 

5.  Seamless  Integration  into  Complex  IT  Environments 

IT  organizations  need  a  solution  that’s  cost-effec¬ 
tive  to  deploy,  and  that  integrates  seamlessly  into  the 
complex  enterprise  IT  environment.  Enterprise-class 
IM  management  has  the  flexibility  to  integrate  with 
best-of-breed  or  corporate-standard  security  prod¬ 
ucts.  The  IM  management  tool  captures  and  delivers 
content  to  third  party  solutions  for  e-mail  archiving 
systems,  anti-virus  and  anti-spam  solutions,  and 
content  filtering  solutions.  For  IM  deployment  and 
maintenance,  the  enterprise  needs  to  be  able  to  lever¬ 
age  existing  LDAP  directories,  to  identify  and  define 
users  and  groups,  and  to  create  IM  management  poli¬ 
cies,  which  are  then  easy  to  administer.  Automatic 
directory  update  capability  assures  the  IM  logging 
stays  in  synch  with  changes.  These  integration  points 
enable  IM  to  be  run  as  an  enterprise-level  service 
without  requiring  significant  new  IT  investment. 

6.  Infrastructure  to  Extend  IM  into  the  Enterprise 

Organizations  looking  to  integrate  instant  messag¬ 
ing  into  every  aspect  of  the  business  need  to  consider 
an  enterprise-class  IM  management  solution.  Imagine 
a  future  where  IM  is  ubiquitous,  integrated  into  most 
of  the  enterprise’s  business  applications.  IM’s  charac¬ 
teristics,  including  presence  awareness,  immediacy, 
multi-party  communication  and  anytime-anywhere 
access  combine  with  business  applications  to  create 
an  opportunity  for  real-time  advantage.  By  combining 


the  awareness  of  available  colleagues  with  the  ability 
to  collaborate  in  place,  using  business  knowledge,  IM 
can  become  the  backbone  of  a  new  breed  of  business 
applications  and  processes  that  produce  additional 
benefits  for  the  enterprise. 

IMlogic  is  pleased  to  offer  a  number 
of  resources  to  help  you  make 
educated  decisions  on  the  right  IM 
strategy  for  your  company.  Go  to 
www.imlogic.com/networkworld.htm 
to  access  these  FREE  downloads. 

As  IM  adoption  continues  to  explode,  the  pressure 
is  on  IT  organizations  to  secure  and  manage  it.  By 
putting  an  enterprise-class  infrastructure  in  place,  the 
enterprise  is  poised  to  take  advantage  of  the  next  gen¬ 
eration  of  IM-powered  applications.  With  enterprise- 
class  IM  infrastructure,  IT  administrators  are  readying 
the  organization  for  a  future  in  which  IM  is  integrated 
into  every  part  of  the  business  process,  increasing 
responsiveness  and  driving  revenue. 

IMlogic’s  Solution  for  Enterprise  IM 

IMlogic  addresses  these  needs  for  over  400,000 
enterprise  users  with  the  industry-leading  IM  man¬ 
agement  solution,  IM  Manager. 

IMlogic  IM  Manager  brings  centralized  control, 
reporting,  and  security  to  traditionally  unmonitored 
and  uncontrolled  enterprise  IM  usage.  Its  extensible 
architecture  enables  companies  to  leverage  existing 
security  infrastructures,  or  incorporate  best-of-breed 
and  corporate-standard  solutions  in  order  to  acceler¬ 
ate  deployment  time  and  minimize  risk.  IM  Manager 
is  powered  by  the  IMpulse™  engine,  patent-pending 
core  technology  developed  in  partnership  with  IM 
technology  leaders  that  ensures  the  scalability,  relia¬ 
bility,  and  performance  of  mission-critical  IM  traffic. 
Recognized  as  the  most  widely  deployed  IM 
Management  system  today,  the  IMpulse™  engine  is 
the  most  trusted  technology  for  enterprise  IM  usage 
available  in  the  market. 

All  IM  management  solutions  are  NOT  created 
equal.  IMlogic  is  the  only  company  offering  long¬ 
term,  enterprise-class  IM  infrastructure  solutions. 
IMlogic’s  product  suite  provides  the  most  comprehen¬ 
sive,  easily  deployed  solution  for  enterprise  IM  man¬ 
agement  and  application  integration.  For  more  infor¬ 
mation  and  free  downloads,  including  an  IM  detection 
tool  and  a  white  paper  on  IM  Security,  go  to 
www.imlogic.com/networkworld.htm  or  email  us  at 
info@imlogic.com. 


Sponsored  by 

IMlogic 

IM  makes  it  possible.  IMlogic  makes  it  work. 


For  more  information  and  FREE  downloads, 
including  an  IM  detection  tool  and  a  white  paper  on  IM  Security,  go  to 
www.imlogic.com/ networkworld.htm  or  email  us  at  info@imlogic.com. 
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If  you 

Like  it  or  not,  instant  messag¬ 
ing  has  become  a  valid  form 
of  communication  within  the 
enterprise.  The  real  chal¬ 
lenge  is  to  control  IM  to  make 
sure  it  doesn't  sting  you  or 
your  company.  Network  World 
has  got  you  covered,  with  test 
results  and  more  options  on 
finding  tools  that  can  help 
you  out. 


IM  is  here  to  stay;  companies  need  to  find  ways  to  control  it 


IM  SECURITY  RISKS 


BY  CHRISTINE  PEREY,  NETWORK  WORLD  LAB  ALLIANCE 


Like  every  new  technology,  it  comes  with  its 
own  set  of  risks.  Learn  about  the  top  five 

threats  to  your  IM  platform.  Page  34 

CLEAR  CHOICE  TEST 


Akonix's  L7  Enterprise  tops  the  field  in  a 
strong  group  of  IM  monitoring  and  manage¬ 
ment  tools,  all  designed  to  help  control  the  IM 
universe.  Page  36 

ONLINE  BUYER'S  GUIDE 

Check  out  our  latest  online  buyer’s  guide  on 
the  IM  management  space.  Choose  what  cat¬ 


Instant  messaging  was  never  invited 
to  the  communications  party  in  the 
enterprise  —  it  crashed  the  party 
and  now  IT  managers  must  find  a 
way  to  control  IM  before  the  dining 
room  table  gets  smashed. 

Radicati  Group  recently  estimated  that  IM  is  being  used 
in  85%  of  all  companies  worldwide.  The  total  number  of 
unsecured  public  IM  service  users  (the  AOLs, Yahoos  and 
MSN  Messengers  of  the  world)  in  the  workplace  are 
expected  to  exceed  125  million  by  mid-2004,up  from  100 
million  users  nine  months  ago,  and  five  times  the  number 
of  users  from  2002. 

The  meteoric  rise  of  public  IM  users  is  a  direct  result  of 
the  strong  perceived  benefits  on  the  part  of  IM  users. 


Finding  the  status  of  a  co-worker  or  friend  via  a  persistent 
Internet  or  intranet  connection,  being  able  to  send  a  short 
text  message  in  real  time  to  anyone  “alive”  on  the  server, 
and  the  lack  of  friction  many  users  face  when  installing 
and  adopting  the  public  IM  service  all  contribute  to  IM’s 
success.  Technology  built  into  Windows  XP  (Windows 
Messenger)  does  not  require  technical  support  or  training. 
If  an  employees  operating  system  does  not  already 
include  the  Messenger  client  (or  another  service  is 
desired),  those  with  Internet  access  and  the  knowledge  of 
installing  an  application  on  a  PC  are  minutes  away  from 
being  up  and  running. 

But  the  risks  of  leaving  IM  unmanaged  in  corporations 
are  well  documented.According  to  a  Radicati  study, threats 
to  enterprise  security  (including  viruses  and  worms  intro¬ 
duced  via  IM),the  need  to  comply  with  industry  or  federal 
regulations,  and  concerns  about  the  inappropriate  release 
of  confidential  data  (see  “Top  5  IM  security  risks,”  page  34) 
will  cause  nearly  20%  of  all  IT  managers  to  take  steps  to 


egories  you  want  to  separate  the  products  by, 
or  get  complete  details  on  nine  products  from 
Akonix,  Blue  Coat  Systems,  DYS  Analytics, 
FaceTime,  IM-Age,  IMIogic  and  Zone  Labs.  Or 
check  out  our  other  online  buyer's  guides, 
including; 

Collaborative  workspaces:  17  products 
from  14  companies,  including  Microsoft,  IBM 
Lotus  and  Documentum. 

Webconferencing:  27  products  from  23 
companies,  including  WebEx,  IBM  Lotus.  First 

Virtual  and  Santa  Cruz  Networks. 

Anti-spam: The  largest  anti-spam  buyer's 
guide  ever  produced,  with  115  products  from 
more  than  90  companies. 

Fmd  these  buyer's  guides  at 

www.nwfusion.com,  DocFinder:  2643 


Eight  benefits  of  IM 

To  justify  the  use  of  IM  in  an  enterprise,  Matt  Cain  of  Meta  Group  suggests  the  following: 

1.  Phone  displacement:  For  geographically  dispersed  environments,  IM  can  be  used  as  a  substitute  for  short- 
duration  phone  calls,  eliminating  expenses. 

2.  Back  channel:  IM  is  used  to  augment  other  communication  channels.  For  example,  if  team  members  are 
talking  with  an  external  client  on  the  phone,  IM  can  be  used  between  internal  team  members  to  plot  strategy  or 
to  help  clarify  points. 

3.  Immediacy:  IM  can  help  cut  through  desktop  clutter,  resulting  in  immediate  responses.  For  time-sensitive 
business  processes,  such  as  customer  service,  crisis  management  and  problem  resolution,  IM  is  key. 

4.  Emergencies:  IM  is  a  vehicle  for  rapidly  disseminating  critical  information  to  the  entire  company,  groups  or 
individuals  in  cases  of  natural  catastrophes,  health  issues,  network  outages  or  schedule  changes.  Sometimes 
the  IM  network  will  remain  up  when  phone  and  e-mail  systems  are  down. 

5.  Bonding:  IM  can  provide  a  link  among  dispersed  workgroups.  Ad  hoc  contacts  are  made  more  productive  by 
the  ability  to  quickly  add  other  team  members  to  the  workgroup. 

6.  Find-me  service:  IM-to-Short  Messaging  Service  gateway  services  can  be  used  to  route  instant  messages 
to  cell  phones. 

7.  Experts  on  demand:  IM  systems  can  help  users  quickly  reach  out  to  experts  for  instant  consultations,  or 
for  surveying  multiple  experts  at  once. 

8.  Self-service:  Person-to-machine  IM  services,  which  let  users  query  human  resource  virtual  agents  for 
information  on  benefits  or  enrollment,  or  which  let  sales  staff  gain  access  to  data,  can  help  expedite  business 
cycles. 
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biock  employees  {rom  using  public  IM  services  when  they 
are  registered  with  the  enterprise  identity  management 
infrastructure. 

Yet  completely  shutting  down  public  IM  usage  likely  will 
elicit  phone  calls  from  avid  users  within  hours,  if  not  min¬ 
utes.  Many  highly  productive  employees  rely  on  their 
buddy  lists  to  accelerate  workflow  and  manage  mission- 
critical  processes.  When  their  lifeline  to  partners  and  team 
members  worldwide  gets  closed  down,  they  frequently 
don’t  want  to  return  to  old  communications  and  messag¬ 
ing  technologies,  such  as  the  telephone,  fax  and  e-mail. 

In  a  Meta  Group  research  report  titled  “Justifying  instant 
messaging  investments,”  Matt  Cain  writes  that  IT  managers 
lobbying  management  for  either  an  enterprise  IM  platform, 
or  IM  monitoring  and  management  systems  that  can 
enforce  public  policies  around  public  IM  (see  Clear 
Choice  Test,  page  36)  should  develop  their  case  on  as 
many  as  eight  points  (see “Eight  benefits  of  IM,”page  33). 

Reduce  e-mail  and  phone  tag 

Two  key  points  that  can  help  justify  an  investment  in  IM 
are  the  telephone  infrastructure  displacement  and  the 
reduced  growth  of  e-mail  infrastructure. 

“Presence  information  can  be  used  to  eliminate  tele¬ 
phone  tag  by  enabling  users  to  determine  when  others  are 
in  the  office  and  available,”  Cain’s  report  says.  His  study 
estimates  more  than  60%  of  business  phone  calls  end  up 
in  voice  mail. “Pulling  together  team  members  for  a  quick 
conference  call  via  IM  can  be  far  simpler  than  arranging 
for  a  phone  conference,  and  far  less  expensive  if  multiple 
continents  are  involved,”  his  report  says.  According  to 
Meta, IBM  saw  a  4%  reduction  in  phone  expenses  because 
of  an  increased  use  of  IM.  IBM  generates  up  to  3.5  million 
messages  per  day  from  its  internal  operations,  Meta  says. 

Similarly,  IM  usage  is  believed  to  lighten  the  load  on  the 
e-mail  infrastructure  at  some  companies,  especially  in 
cases  where  file  transfers  over  IM  avoid  passing  through 
the  e-mail  server.  Although  the  network  bandwidth  usage 
remains  the  same,  transferring  over  IM  helps  reduce  stor¬ 
age  and  back-up  costs  on  the  e-mail  server. 

The  softer  side 

It  is  more  difficult  to  quantify  the  bottom-line  benefits  of 
employees  having  immediate  answers  to  questions 
(access  to  experts  on  demand)  and  a  closer  and  more 
collaborative  relationship  with  peers  and  superiors.  By 
some  analyst  estimates,  the  changes  to  workflow  made 
possible  by  enterprise  IM  systems  is  equal  to  or  more 
important  than  the  dollar  savings,  because  new  workflows 
can  reduce  the  need  for  administrative  personnel, 
improve  morale  among  employees  who  feel  more  con¬ 
nected  to  remote  teams,  and  accelerate  the  speed  at 
which  emergencies  are  addressed. 

It  might  be  difficult  to  defend  rigorous  ROI  calculations 
for  IM  investments,  in  part  because  the  communications 
needs  of  employees  vary  so  widely  Employees  with  exter¬ 
nal  communications  responsibilities  will  need  greater  sup¬ 
port  in  using  public  IM  services, while  employees  who  com¬ 
municate  primarily  with  other  employees  might  benefit 
more  from  an  internally  deployed  and  managed  enterprise 
IM  platform. 

It’s  clear  that  IM,the  unruly  and  uninvited  guest,  is  a  risk 
to  the  status  quo  in  enterprise  communications.  Like  it  or 
not,  the  party  crasher  is  getting  stronger  and  more  man¬ 
ageable.  By  investing  moderately  in  monitoring  and  man¬ 
agement  systems  that  will  consistently  and  openly  build 
and  convey  usage  guidelines,  and  enforce  these  policies 
automatically  IT  organizations  can  more  easily  focus  their 
attentions  on  the  positive  aspects  of  the  new  real-time  com¬ 
munications  part)'. 

Percy  is  president  of  Perey  Research  &  Consulting,  a  firm 
dedicated  to  the  expansion  of  the  rich  media  communica¬ 
tions  market  She  can  be  reached  at  cperey@perey.com. 


Top  5  IM  security  risks 


1.  Viruses  and  worms  over  INI. 

Out  of  the  top  50  viruses  and  worms  over  the 
past  six  months,  19  of  them  used  peer-to-peer 
or  IM  applications.  Most  viruses  are  sent 
through  file  transfers,  which  bypass  tradition¬ 
al  gateway  and  anti-virus  security.  Public  IM 
clients  also  have  publicized  vulnerabilities, 
where  flaws  such  as  buffer  overflows  and 
boundary  condition  errors  have  been  exploited 
to  spread  viruses,  worms  or  denial-of-service 
attacks. 


2.  Identity  theft/authentication  spoofing. 

Public  IM  systems  let  individuals  create  anonymous  identities,  which  do  not 
map  to  e-mail  addresses.  IDs  can  be  created  even  if  the  IDs  and  domains  are 
not  owned  by  that  individual  (“billgates”  or  “johnchambers,”  for  example). 
Spoofing  creates  risk,  as  these  IDs  can  be  used  maliciously,  outside  the  con¬ 
trol  of  the  IT  security  department. 


3.  Firewall  tunneling. 

IM  clients  find  ways  to  tunnel  through  firewalls,  creating  risk.  Most  IM  services 
come  through  well-publicized  ports  (5190  for  AOL  Instant  Messenger,  1863  for 
MSN  and  5050  for  Yahoo),  but  IM  clients  also  can  exploit  any  open  port  on  the 
firewall,  including  those  used  by  other  applications  (such  as  Port  80  for  Web  and 
HTTP  traffic).  Some  clients  also  can  connect  via  peer-to-peer  connections  or 
establish  connections  on  randomly  negotiated  ports. 


4.  Data  security  leaks. 

Unmonitored  content  leaving  the  corporation 
without  the  knowledge  of  the  information  security 
department  introduces  legal  and  competitive  risk 
(such  as  a  CFO  sending  a  confidential 
spreadsheet  via  IM  without  an  audit  trail). 

File  transfer  over  IM  is  a  powerful  way  to 
send  information  beyond  the  tracing  capa¬ 
bilities  of  the  IT  department.  The  lack  of 
content  filtering  and  archiving  makes  it  dif¬ 
ficult  for  IT  to  discover  potential  breaches 
of  policy  or  to  hold  individuals  accountable. 
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Instant  message 


Spimjerk:  Get  the  patch! 
Amaze  your  mate  and 
enlarge  yoii 


guarantee! 


Instant  message 


Spimtruder  Low  rates! 
Refinance  now  and  we 
will  deliver  a  truckload 
of  cash  to  your  door! 


5.  S|  m. 

I M logic  says  that  5%  to  7%  of  IM 
traffic  today  is  spim  (instant 
messaging  spam),  Spim  can  be 
more  disruptive  than  e-mail 
spam,  as  it  is  more  intrusive 
(the  pop-up  spim  interrupts  the 
user)  and  generally  of  a  more 
sexually  offensive  nature  (lead¬ 
ing  to  human  resources  and 
legal  risk). 
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CASE  STUDY: 

RPU  Gets  a  Handle  on  IM 

Company:  Rochester  Public  Utilities  (RPU), 
Rochester,  Minn. 

Industry:  Utilities  (municipal  electric  and  water) 


Problem:  Concern  with  instant  messaging 
security  and  customer  self  service 
integration 


Solution:  Akonix  L7  Enterprise  for  IM  compli¬ 
ance,  management  and  security 


Result:  RPU  users  maintain  the  benefits 

of  IM  communications  with 
customers  and  partners,  without 
compromising  regulatory  compli¬ 
ance  and  network  security 


Rochester  Public  Utilities  continually  investi¬ 
gates  innovative  technologies  to  help  customers 
realize  the  best  value  from  the  services  they 
receive.  As  a  public  utility  providing  electric  and 
water  service  to  tens  of  thousands  of  customers, 
RPU  doesn't  take  kindly  to  anything  that  might 
disrupt  the  reliability  of  its  operations.  So  when 
it  detected  some  of  its  250  network  users  were 
employing  public  instant  messaging  (IM)  services, 
it  decided  to  take  control  of  the  situation  before 
it  got  out  of  hand. 

From  a  business  perspective,  RPU  recognized 
that  IM  served  a  valuable  communications  func¬ 
tion,  so  it  didn't  want  to  try  and  ban  use.  Rather, 
RPU  took  a  proactive  approach  by  defining  the 
rules  under  which  employees  could  use  IM,  while 
adhering  to  required  logging  and  security  policies. 

To  enforce  those  rules,  RPU  opted  for  an  IM 
management  solution  from  Akonix.  Specifically, 
the  Akonix  L7  Enterprise  solution  allowed  RPU  to: 

•  Detect  and  manage  all  the  major  public  IM 
protocols 

•  Apply  usage  polices  to  individuals  or 
groups  of  users 

•  Log,  archive  and  review  IM  communica¬ 
tions  as  required  by  industry  regulations 

•  Secure  internal  messages  within  the  enter¬ 
prise  network 

•  Stop  conversations,  messages  and  attach¬ 
ments  that  violate  corporate  policy  or 
place  the  network  at  risk 

•  Block  all  unauthorized  IM  use  and  all 
peer-to-peer  file-sharing 

•  Integrate  public  IM  services  with  its  internal 
enterprise  IM  solution,  Microsoft  Live 
Communications  Server,  for  unified 
compliance  archiving  and  reporting 

"Not  only  has  Akonix  L7  Enterprise  given 
RPU  peace  of  mind  in  regards  to  securing  our 
network  and  making  sure  we  are  in  full 
compliance,  but  culturally  IM  use  is  becoming 
widely  accepted,"  says  Matt  Bushman,  IT 
analyst  at  RPU.  "Employees  are  seeing  huge 
productivity  gains  by  being  able  to  easily  and 
immediately  communicate  with  both  internal 
and  external  contacts." 

s _ ) 


Managing  IM  in  the  Enterprise 

Akonix  offers  enterprises  a  simple  solution  to  a  growing  problem: 
Controlling  the  use  of  instant  messaging. 


NOT  SO  LONG  AGO,  instant  messaging  (IM) 
belonged  almost  exclusively  to  the  youngest  gener¬ 
ation  of  Internet  users,  who  used  it  to  communicate 
with  friends.  But  the  technology  has  quickly 
expanded  to  find  an  important  place  in  the  business 
world.  In  fact,  the  research  firm  Giga  Information 
Group  has  predicted  that  workplace  IM  usage  will 
exceed  email  use  by  2006. 

Today,  more  than  74%  of  IM  use  within  company 
walls  comes  from  employees  using  networks  like 
Yahoo!  Messenger,  America  Online's  Instant 
Messenger  (AIM)  and  Microsoft's  MSN  Messenger, 
according  to  Nemertes  Research.  It's  easy  to  under¬ 
stand  why;  these  IM  networks  are  free,  easy  to  use 
and  more  than  a  little  contagious. 

Corporate  IM  users  quickly  fall  in  love  with  the 
ability  to  communicate  instantly,  internally  or 
externally.  By  contacting  customers,  partners  and 
remote  employees  in  real-time,  users  can  improve 
collaboration,  reduce  telecom  costs  and  eliminate 
the  delays  caused  by  unanswered  voice  mail  and 
email. 

Unfortunately,  unmanaged  IM  use  presents  IT  and 
security  staff  with  a  new  problem.  Since  it  bypasses 
established  compliance,  security  and  corporate 
policy  controls,  IM  can  introduce  viruses,  worms  and 
other  malicious  content  onto  the  corporate  network. 
Similarly,  corporate  IM  users  can  easily  expose 
confidential  customer  data,  intellectual  property  and 
proprietary  company  information. 

In  many  corporations,  IM  use  may  even  give  rise  to 
violations  of  specific  regulations,  including  Securities 
and  Exchange  Commission  (SEC)  rules,  Sarbanes- 
Oxley  requirements  and  Health  Insurance  Portability 
and  Accountability  Act  (HIPAA)  regulations. 

Given  these  serious  issues,  organizations  are  faced 
with  a  challenge:  How  to  maintain  employee  access 
to  IM  without  being  left  vulnerable  to  security  threats 
and  compliance  violations. 

Take  Control,  Expand  the  Benefits 

As  with  other  new  technologies,  such  as  email  and 
Web  access  in  the  1990s,  companies  need  to  imple¬ 
ment  and  enforce  corporate  security  and  usage  poli¬ 
cies  in  order  to  successfully  and  safely  embrace  IM  as 
a  strategic  business  communications  application. 

First,  corporate  IT  must  gain  control  of  workplace 
IM  use:  identify  users,  monitor  and  log  activity,  apply 
corporate  policies  and  close  security  loopholes. 
Once  IM  use  is  subject  to  company  policy,  complies 
with  regulations  and  has  appropriate  security  protec¬ 
tions,  IM's  benefits  to  the  business  expand  rapidly. 

Although  IM  use  may  have  started  in  small 
departmental  pockets,  once  it  is  officially  sanctioned, 
companies  typically  find  that  IM's  advantages  quickly 
spread  throughout  the  organization.  On  the  horizon 
are  new  ways  to  leverage  the  power  of  IM  and 


"presence"  data  within  corporate  applications  and  IT 
infrastructures  that  go  well  beyond  person-to-person 
communications. 

Akonix  Systems,  Inc.,  based  in  San  Diego,  Calif., 
offers  the  leading  enterprise  IM  management 
solution,  providing  the  means  to  get  control  of  IM 
with  enterprise-class  compliance,  security  and 
management.  The  company's  flagship  software 
product,  Akonix  L7  Enterprise,  deploys  within  the 
corporate  network  and  acts  as  a  proxy  for  all  IM 
traffic;  immediately,  all  IM  use  can  be  monitored 
and  archived,  authenticated  with  corporate  creden¬ 
tials,  and  subjected  to  security,  confidentiality  and 
other  corporate  policies.  Akonix  L7  Enterprise 
supports  all  major  IM  systems,  including  AIM,  MSN 
Messenger,  Yahoo!  Messenger,  ICQ,  Reuters 
Messaging,  IBM/Lotus  Sametime,  Microsoft  Live 
Communications  Server  and  Jabber,  providing  a 
single  point  for  IM  policy  and  compliance 
management. 

Akonix  L7  Enterprise  is  easy  to  implement, 
requires  no  adjustments  to  client  machines  or  user 
behavior,  and  scales  to  support  tens  of  thousands  of 
users.  Akonix's  patent-pending  real-time  architecture 
and  unique  industry  partnerships  ensure  support  for 
even  more  advanced  IM  integration  as  the  market 
develops. 

In  most  organizations,  hundreds  or  even 
thousands  of  employees  are  already  using  IM  for 
business  communications.  Unfortunately,  such 
unmanaged  use  may  be  putting  their  organizations 
at  risk.  By  creating  proper  security,  compliance  and 
usage  policies,  and  enforcing  them  through  a 
proven  management  system,  companies  can  move 
from  ignoring  or  fearing  IM  to  embracing  it  as  a  new 
weapon  for  competitive  advantage,  productivity  and 
cost  reduction. 


Learn  more  about 


Akonix's  Award  Winning 
IM  Management  Solutions 


Visit  www.akonix.com/ nww  for  a 
copy  of  our  FREE  "IM  Guide  for 
Executives"  or  to  request  a  FREE  trial 
of  Akonix  L7  Enterprise. 


www.akonix.com/nww 


Sponsored  by 


Akonix!^ 

Solutions  for  Enterprise  IM *  * ’ 


IM  management  tools 


Taking  the  mess  out  of  instant  messaging 

■  BY  CHRISTINE  PEREY  AND  TRAVIS  BERKLEY,  NETWORK  WORLD  LAB  ALLIANCE 

Instant  messaging  has  established  a  foothold  in  corporations.  Its  easier  and  faster  to 
check  an  IM  client  to  see  if  someone  is  online  and  shoot  off  a  quick  question  than  to 
send  an  e-mail  and  wait  for  a  response.  But  the  unanswered  question  is  how  companies 
should  manage  the  security,  liability  and  productivity  risks  of  IM  and  ensure  compliance 
with  federal  and  corporate  policies,  while  supporting  this  maturing  avenue  for  real-time 
or  just-in-time  information  exchange. 


While  major  corporate  IM  platforms 
address  monitoring  and  management,  a 
lot  of  IM  usage  in  business  comes  from 
the  three  public  IM  services:  AOL  Instant 
Messenger,  Yahoo  Messenger  and  Micro¬ 
soft  MSN  Messenger.  A  new  set  of  IM  man¬ 
agement  products  have  arrived  to  ad¬ 
dress  the  monitoring  and  management 
of  IM,  whether  it’s  an  enterprise  platform 
or  a  public  service. 

We  took  a  close  look  at  four  very  good 
products  that  can  help  network  man¬ 
agers  improve  control  and  reduce  poten¬ 
tial  risks  of  IM  on  a  corporate  network.We 
looked  at  Akonix’s  L7  Enterprise,  Face- 
Time  Communications’  IM  Auditor,  IM- 
Age  Software’s  IM  Policy  Manager  and 
IMlogic’s  IM  Manager.  Using  these  prod¬ 
ucts,  a  business  can  gain  control  over 
how  IM  is  being  used  without  having  to 


do  a  “forklift  upgrade”  to  their  IM  system. 

All  the  products  we  tested  do  the  basics 
very  well,  and  will  meet  many  enterprise 
needs.  The  products  log  traffic,  apply  re¬ 
quired  policies  and  forward  messages  for 
delivery,  if  appropriate. They  all  were  very 
adept  at  the  most  basic  function  of  log¬ 
ging  traffic  into  a  database  for  later  re¬ 
view.  This  core  function  is  treated  so 
straightforwardly  by  all  four  products  that 
it  is  almost  mundane. 

Each  product  also  offers  unique  fea¬ 
tures  that  might  make  it  a  good  fit  for 
your  enterprise  network.  All  four  prod¬ 
ucts  are  mature  enough  for  an  enterprise 
deployment. 

That  said,  we  award  the  Clear  Choice 
Award  to  Akonix’s  L7  Enterprise  for  offer¬ 
ing  a  little  more.  From  the  extra  details  of 
its  policy  management,  to  the  ability  to 


automatically  run  and  deliver  cus¬ 
tomized  reports,  Akonix  came  out  ahead 
of  the  other  platforms. 

A  fine-toothed  comb 

Each  system  we  tested  offers  adminis¬ 
trators  a  complete  set  of  policies  and 
configurations,  immediately  available 
upon  installation.  While  this  is  a  great 
start,  we  found  that  L7  Enterprise  goes  a 
step  further  by  offering  customization  of 
specific  users  groups.  With  L7  Enterprise 
an  administrator  can  create  detailed 
rules  and  policies.This  difference  is  most 
noticeable  in  managing  file  transfers. 
While  the  policies  in  the  other  three 
products  amount  to  yes/no  propositions, 
Akonix  lets  administrators  govern  file 
transfers  by  type,  size  or  time  of  day  For 
example, with  the  other  three  products 


you  would  be  hard-pressed  to  create  a 
single  policy  rule  to  allow  only  the  mar¬ 
keting  group  to  send  PDFs  and  JPEGs 
between  8  a.m.and  5  p.m. 

Akonix  also  included  the  ability  to 
apply  these  rules  based  on  IP  address, 
IM  handle  and  other  standard  user  iden¬ 
tity  management  systems.  This  is  partic¬ 
ularly  useful  if  you  have  roaming  users 
with  laptops.  Their  credentials  and 
screen  names  won’t  change,  but  there 
might  be  times  when  you  want  to  add 
restrictions  (such  as  when  they  are  con¬ 
nected  through  a  VPN). 

The  other  three  products  also  offer 
solid  policy  management.  For  example, 
IMlogic  has  a  default  rule  set  that  is 
globally  applied.  System  administrators 
then  can  create  user  groups  to  which 
they  can  apply  different  settings.The  file 


Net  Results 


OVERALL  RATING 


L7  Enterprise 


NetworkWorld 


Company:  Akonix, 
www.akonix  .com. 

Cost:  $3  850  for  50  |  clear  CHOICE  KDI 

users;  additional  * 
costs  for  Enforcer  and  Compliance  Manager. 
Pros:  Robust  and  flexible  policy  manage¬ 
ment  system,  plug-in  architecture,  support 
for  multiple  operating  systems,  directory 
services  vendors  and  IM  platforms;  anti¬ 
virus  engine  tightly  integrated  into  package. 
Cons:  Complex  application  could  require 
instruction,  time  to  set  up  correctly;  no 
choice  in  anti-virus  vendor. 


IM  Auditor,  Guardian 
and  RTG500 


Company:  FaceTime  Communications, 
www.facetime.com.  Cost:  IM  Auditor: 
$25,000  for  500  users;  IM  Guardian:  starts 
at  $2,500;  RT G500:  starts  at  $5,000.  Pros: 
Easy  to  use,  intuitive  Web  interface;  DMZ  / 
border  product  available  as  software 
(Guardian)  or  hardened  Linux  appliance 
(RT G500);  can  create  separate  reviewers 
with  limited  scope  for  group  management; 
flexibility  in  anti-virus  engine.  Cons: 
Policies  lack  detail;  management  of  anti¬ 
virus  not  integrated  into  interface,  cannot 
save  or  schedule  reports. 


IM  Policy  Manager 


Company:  IM-Age,  www.im-age.com. 
Cost:  $2,000  per  year  for  Server  Console 
(not  required  for  client  install  only,  but  used 
for  management  and  data  storage);  $15 
per  user,  per  year;  data  hosting  also  $15 
per  user,  per  year.  Pros:  Combination 
gateway  and  optional  client  application 
allows  monitoring  by  users  not  on  enter¬ 
prise  network;  only  system  tested  that  can 
encrypt  IM  sessions  and  file  transfers. 
Cons:  Installing  client  requires  access  to 
all  employee  computers;  lacks  integrated 
anti-virus  and  spim  control  systems. 


IM  IV  nagerB.O 


Company:  IMlogic,  www.imlogic.com. 
Cost:  $2,500  for  100  users.  Pros: 
Comprehensive  offering,  including 
gateways  between  IM  services  for  multi- 
IM  environments  and  federation  between 
corporations;  easy  installation  and 
management  via  Web  interface; 
relationships  with  all  IM  industry  players 
assures  maintenance  of  control  as  IM 
systems  evolve.  Cons:  Lack  of  fine  detail 
in  policy  control,  cannot  save  or  schedule 
reports. 


The  breakdown 

Akonix 

FaceTime 

IM-Age 

IMlogic 

Policy  control  and  granularity  30% 

5 

4 

3.5 

4 

logging/archiving/ reporting  30% 

4.5 

3.5 

4 

3.5 

Installation  15% 

4 

4 

4 

4 

User  experience  10% 

4 

4 

4 

4 

Directory  integration  5% 

5 

4 

1 

4 

Non-INI  authentication  5% 

4 

5 

4 

Unique  features  5% 

4 

3 

5 

3 

TOTAL  SCORE 

4.5 

3.8 

3.8 

3.8 

‘  5:  Exceptional;  4:  Very  good;  3:  Average:  2:  Below  average;  1:  Consistently  subpar 
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Monitoring  IM  and  Web  traffic 

Stellar  Technologies  offers  its  Stellar  Internet  Monitoring  (www. 

stellarim.com)  product  as  a  way  for  companies  to  monitor  employee 
Internet  usage  and  policy  violations.  Stellar  IM  monitors  instant  mes¬ 
saging,  but  it  is  only  a  part  of  the  entire  system.  The  system  also  monitors 
Web  surfing  and  other  HTTP  activity. 

Although  Stellar  IM  is  not  designed  to  manage  IM  usage  or  enforce  poli¬ 
cies,  it  does  log  IM  sessions  conducted  on  Yahoo,  AOL  Instant  Messenger 
and  MSN,  and  lets  administrators  review  and  search  the  archives.  If  an 
employee  breaches  a  policy,  such  as  sending  or  receiving  a  file  via  IM  ses¬ 
sion,  Stellar  IM  will  send  an  e-mail  alert  to  an  administrator. 

We  set  up  an  account  with  Stellar's  Web-based  service. The  user  portal 
is  attractive  and  easy  to  use.The  system  lets  administrators  set  up  an 
organization  account,  map  users  (employees)  manually  or  automatically 
via  IP  address.  A  directory  of  people  is  generated  based  on  their  logon 
names  used  when  signing  onto  their  corporate  network. 

The  Stellar  IM  system  we  tested  is  optimized  for  environments  where  a 
software  application  can  sit  on  a  server  (shared  or  dedicated)  and  sniff 
traffic  as  it  enters  and  leaves  the  network.  With  the  Web-based  service  and 
Enterprise  edition,  the  sniffing  agents  can  be  distributed  at  several  points  in 
a  corporate  network  to  capture  information  about  traffic  on  different  net¬ 
work  segments.  All  agents  automatically  communicate  in  real  time  with  the 
Stellar  IM  management  application  via  a  Secure  Sockets  Layer  tunnel. 

The  strength  of  the  system  is  that  the  management  application  can  be 
hosted  by  Stellar,  and  is  accessible  to  network  account  owners  via  the 
Internet  with  a  standard  Web  interface.  One  feature  that  might  interest  the 
business  side  of  your  company  is  the  ability  to  generate  a  report  that  shows 
the  amount  of  corporate  resources  spent  on  a  particular  task  (or  Web  site 
visited)  based  on  an  average  hourly  wage  entered  in  the  calculator. 

While  it  has  merits,  we  would  not  recommend  this  for  a  technologically 
astute  employee  base.The  architecture  can  be  circumvented  easily 
through  a  VPN  connection. The  VPN  would  then  carry  Internet  traffic 
using  any  encryption  that  is  not  controlled  by  central  IT,  and  IM  sessions 
(or  any  Internet  activity)  could  continue  without  Stellar  technology  detec¬ 
tion,  as  it  cannot  see  inside  of  the  encrypted  tunnel. 

—  Christine  Perey  and  Travis  Berkley 


transfer  policy  is  yes/no  but  can  be 
applied  on  a  group-by-group  basis.  Like 
wise,  you  can  create  a  different  list  of 
words  and  phrases  to  block  different 
groups  or  departments. You  also  can  cus¬ 
tomize  your  disclaimer  text  for  each 
group.  For  content  filtering,  lists  of  words, 
phrases  or  URLs  can  be  created  to  trigger 
additional  actions  (alerts  to  the  adminis¬ 
trator,  for  example). 

The  message  can  be  blocked,  although 
no  differentiation  is  made  between  in¬ 
bound  and  outbound.  The  system  can 
notify  the  sender  of  an  infraction  and 
send  an  e-mail  to  system  administrators 
or  make  an  entry  into  the  Windows 
event  log.  These  filtering  rules  can  be 
applied  to  specific  groups,  universally  or 
individually  per  user. 

FaceTime’s  IM  Auditor  boasts  similar 
capabilities.  A  set  of  global  permissions 
is  applied  by  default  until  an  adminis¬ 
trator  creates  groups  to  further  custom¬ 
ize  the  permissions.  Again,  file  transfer 
permissions  are  yes/no,  and  can  be 
applied  to  each  group  differently.  One 
interesting  addition  in  IM  Auditor  is  a 
policy  for  whether  the  IM  clients  can  use 
the  built-in  audio  and  video  features,  or 
play  the  built-in  games.  Another  interest¬ 
ing  difference  is  that  FaceTime  sepa¬ 
rates  content-filtering  functions  from 
system-administration  functions  and 
makes  them  part  of  the  global  reviewer’s 
functions.  A  global  reviewer  can  create 
words  and  phrases  to  watch  for,  and 
specify  a  group  or  groups  to  which  a 
new  rule  is  applied.  The  policy  can 
include  whether  a  message  should  be 
blocked  inbound  and/or  outbound, and 
whether  someone  should  be  alerted  by 
e-mail  when  an  infraction  occurs. 

IM-Age  lets  system  administrators  cre¬ 
ate  customized  rule  sets  for  different 
groups  of  users.  IM-Age  calls  these  con¬ 
figurations,  because  the  rule  sets  also 
might  include  instructions  on  how  the 
IM-Age  client  should  behave.  The  word¬ 
blocking  function  groups  the  words  and 
phrases  into  categories  (such  as  project 
codes, sales  or  foul  language)  to  make  it 
easier  to  apply  to  different  groups.  How¬ 
ever,  you  can  use  the  word-blocking 
function  only  when  using  the  IM-Age 
client,  and  then  only  on  outbound, 
encrypted  traffic.  As  with  the  other  prod¬ 
ucts,  IM-Age  disclaimers  and  infraction 
messages  are  fully  customizable  on  a 
group-by-group  basis. 

Putting  it  together 

The  initial  installations,  for  the  most 
part,  are  trivial.  FaceTime  has  further 
streamlined  the  process  by  offering  its  IM 
Guardian  in  a  fully  integrated  network 
appliance  (the  RTG500)  running  hard¬ 
ened  Linux.  All  you  do  is  turn  it  on, give  it 
an  IP  address  and  away  it  goes,  monitor¬ 


ing  your  IM  traffic.  FaceTime’s  user  inter¬ 
face  was  exceptionally  elegant  and  easy 
to  use.The  other  companies  we  tested 
say  they  are  not  far  behind  in  bringing 
similar  network  appliances  to  the  market, 
but  also  say  that  sometimes  “just  a  gate¬ 
way”  is  not  enough.  Savvy  users  who  can 
find  ways  to  circumvent  a  central  gate¬ 
way  server  might  find  ways  to  bypass 
your  policies.That  is  one  reason  why  IM- 
Age  says  it  feels  strongly  about  using  a 
client,  thus  enabling  IM  management 
regardless  of  where  or  how  that  machine 
is  networked. 

We  also  discovered  a  lot  of  smaller  pro¬ 
ducts  or  options  that  add  to  the  IM  mon¬ 
itoring  and  management  big  picture. 
FaceTime  offers  IM  Guardian  for  moni¬ 
toring  at  the  edge,  and  IM  Auditor  is  its 
policy  engine.  In  addition  to  the  L7 
Enterprise  server,  Akonix  adds  Rogue 
Aware,  Enforce  and  Compliance 
Manager  (we  did  not  test  these  three 
components). 

IMlogic  did  a  good  job  of  keeping  the 
picture  simple  for  buyers  —  its  IM 
Manager  is  more  of  a  one-stop  offering 
for  IM  monitoring,  risk  management  and 


policy  compliance  enforcement.  But 
IMlogic  still  offers  IM  Detector  (which  we 
did  not  test)  at  no  additional  cost  to 
detect  and  stop  stubborn  users  who  try 
to  circumvent  your  policies. 

Akonix,  FaceTime  and  IMlogic  had  vir¬ 
tually  the  same  requirements  when  in¬ 
stalling  on  a  Windows  platform.  We  in¬ 
stalled  them  on  Windows  2003  Standard 
Server  and  loaded  Microsoft’s  SQL  Server 
2000  Standard  Edition  on  top  of  it. 

IMlogic  and  FaceTime  also  use  the  In¬ 
ternet  Information  Server  components  of 
Windows,  and  IMlogic  also  uses  the 
Windows  Message  Queuing  services. 
Beyond  that,  each  of  these  three  products 
installed  with  virtually  no  problems.  IM- 
Age  did  require  an  additional  server  to 
install  Microsoft’s  Internet  Security  and 
Acceleration  server,  so  there  was  a  little 
more  work  upfront.  But  to  offset  this,  IM- 
Age  includes  product  installation  as  part 
of  the  purchase  price. 

Adding  encryption 

IM-Age  seems  well  designed  for  com¬ 
panies  in  which  a  network  manager 
can  install  a  run-time  executable  appli¬ 


cation  on  every  client  system  and  in 
which  the  mandate  is  to  manage  all  IM 
traffic,  whether  users  are  attached  to  a 
LAN  or  on  a  third-party  network. The  IM- 
Age  client  also  can  be  deployed  in 
stealth  mode. 

Another  characteristic  that  differenti¬ 
ates  IM-Age  is  the  encryption  of  IM  traffic. 
If  this  is  required  in  your  environment, 
look  no  further  than  IM-Age.  A  448-bit 
Rolling  Salt  Blowfish  encryption  engine 
is  integrated  into  the  managed  clients, 
offering  a  significant  benefit  when  users 
are  transmitting  sensitive  information  via 
IM,  whether  over  a  LAN  or  the  Internet. 

This  encryption  also  is  extended  to  un¬ 
managed  clients  through  a  free,  down¬ 
loadable  reader.  A  URL  for  the  reader  is 
sent  to  the  user  across  the  network  as 
part  of  the  active  IM  session. The  unman¬ 
aged  user  clicks  the  link  to  accept  the 
decryption  engine  download  and  the 
key  to  the  local  system  for  the  duration  of 
the  session.  The  reader  overlays  the  de¬ 
crypted  text  on  the  IM  client,  denoting  it 
with  a  padlock  icon  to  remind  the  user 
that  the  message  is  encrypted. During 
testing,  we  noticed  no  perceivable  slow¬ 
downs  when  encryption  was  enabled. 

Directory  assistance 

All  four  systems  we  tested  leveraged 
existing  enterprise  directory  and  user 
management  systems,  firewalls  and 
other  network  and  communications  ad¬ 
ministration  tools  to  varying  degrees. 
Akonix  and  FaceTime  had  directory  in¬ 
tegration  and  synchronization  functions 
that  could  tie  into  several  directory  sys¬ 
tems,  including  Windows  Active 
Directory  and  Sun  ONE  Directory. 
Akonix  also  synchronizes  with  Novell’s 
eDirectory  and  FaceTime  can  synchro¬ 
nize  with  IBM’s  Lotus  Domino.  Akonix 
also  can  import  and  synchronize  with 
multiple  directories  simultaneously 

IMlogic  also  performed  directory 
import  and  synchronization.  But  this  is 
very  basic,  and  limited  to  generic  Light¬ 
weight  Directory  Access  Protocol.  We 
found  this  was  every  bit  as  functional  as 
the  other  vendors’  products.  But  be¬ 
cause  the  system  is  more  generic,  a  sys¬ 
tem  administrator  has  to  know  enough 
about  the  local  directory  service  to 
answer  a  few  questions,  such  as  port 
and  object  classes. 

Although  IM-Age  doesn’t  synchronize 
directories,  it  does  deal  with  directory 
information.  It  will  report  a  user’s  cre¬ 
dentials,  but  they  are  authenticated  to  a 
local  machine,  regardless  of  the  enter¬ 
prise  directory  being  used.  This  means 
system  administrators  cannot  import 
user  accounts  ahead  of  time,  but  once  a 
user  connects  to  the  system,  the  infor¬ 
mation  is  correct. 
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What  about  the  user? 

The  four  products  all  did  a  very  good 
job  remaining  transparent  and  running 
in  the  background.  Whether  the  prod¬ 
ucts  were  in  use  did  not  change  how 
the  IM  clients  are  used  or  how  they 
function.  When  infractions  occurred, 
IMs  would  be  sent  to  the  offending 
user.  Blocked  file  transfers  would  look 
to  the  external  sender  as  if  the  internal 
recipient  simply  declined  the  transfer. 
If  the  internal  user  attempted  a  file 
transfer  that  was  not  allowed  by  policy, 
an  infraction  IM  would  be  sent.  In  the 
case  of  IM-Age  users  running  the 
client,  a  pop-up  window  alerted  them 
as  soon  as  they  brought  up  the  File 
selection  dialog  box. 

All  the  products  can  customize  the 
messages  that  are  sent  back  to  the 
offending  IM  user,  whether  internal  (and 
managed)  or  external  (unmanaged). 
This  lets  the  system  administrator  decide 
how  much  detail  is  appropriate  when 
alerting  the  user  to  an  infraction.  Akonix 
uses  the  “toaster”  display  in  MSN  to  send 
the  infraction  notices.  The  little  pop-up 
window  that  appears  near  the  system 
tray  becomes  the  bearer  of  unpleasant 
news,  rather  than  an  IM. 

Reviewing  IM  archives 

To  comply  with  federal  or  industry 
rules  (or  just  good  housekeeping),  it  may 
be  necessary  to  look  for  content  that  has 
been  logged  by  these  products.  All  four 
products  have  reviewer  functions  built 
in,  but  the  feature  sets  vary  quite  a  bit. 

Akonix  uses  a  Windows  program  that 
can  create  a  summary  or  detailed  re¬ 
ports,  and  charts  and  graphs.  A  wizard 
assists  in  creating  a  report  to  find  re¬ 
quired  data.  Customized  reports  can  be 
saved  for  later  use. Once  a  report  is  saved, 
it  can  be  scheduled  to  run  as  needed. 
The  report  can  be  created  as  a  PDF 
Crystal  Report  or  HTML,  and  can  be 
saved  to  disk  or  e-mailed  from  a  locally 
installed  MAPI  client. 

As  flexible  as  the  rest  of  L7  Enterprise  is, 


How  We  Did  It 


Viruses  and  ‘spim’ 

A 


challenge  for  network  managers  is  preventing  IM  clients  from  becom¬ 
ing  used  in  virus  attacks. 

IMIogic  and  FaceTime  provide  methods  to  snap  in  various  anti¬ 
virus  engines  but  leave  the  management  separate  from  IM  management. 
Akonix  takes  a  more  integrated  approach,  including  a  McAfee  virus  pro¬ 
tection  system  as  part  of  L7  Enterprise. The  integrated  method  puts  the 
management  for  the  complete  system  under  one  interface,  but  it  also 
means  if  you  are  using  something  else  for  the  rest  of  the  company,  you 
can’t  use  it  here.  IM-Age  did  not  document  for  us  any  methods  for  adding 
anti-virus  products  into  its  software. 

Also  becoming  more  prominent  is  spam,  coined  "spim"  in  the  IM  arena. 
FaceTime  and  IMIogic  have  functions  built  into  their  products  that  explic¬ 
itly  deal  with  spim.  FaceTime  uses  a  challenge/response  method,  asking 
users  to  send  back  a  configurable  phrase  before  it  lets  a  request  be 
added  as  a  “buddy"  to  be  passed  on.  IM  clients  can,  of  course,  be  config¬ 
ured  to  accept  messages  only  from  people  on  a  buddy  list.  But  this  fea¬ 
ture  will  stop  programs  that  simply  try  to  get  on  the  buddy  list  of  every 
user  it  can  find.  If  someone  is  already  on  your  buddy  list  and  they  send 
you  spim,  you  can  just  delete  them  from  your  list. 

IMIogic  manages  a  blacklist  of  users  to  block  on  the  three  public  IM 
systems.The  list  can  be  updated  one  name  at  a  time,  or  in  bulk  using 
lists. This  prevents  so-called  spimmers  from  sending  IM,  even  if  they 
manage  to  get  on  a  user's  buddy  list. 

Akonix  also  handles  spim,  but  it  doesn’t  have  separate  functions  in  L7 
Enterprise  dedicated  to  it.  Instead,  L7  Enterprise  includes  three  default 
polices  for  the  latest  threats  (Osama  Found,  the  Bizex  worm  and  the 
JituxA  worm)  as  a  template  for  how  to  create  new  policies  as  new 
threats  emerge. 

With  IM-Age,  you  need  to  rely  on  a  combination  of  keyword  blocking 
and  overall  file  blocking  to  address  spim  threats. Templates  for  how  to  do 
this  are  not  included,  either.  But  as  long  as  spims  have  consistent  text, 
effective  rules  can  be  created  quickly. 

—  Christine  Perey  and  Travis  Berkley 


it  was  a  little  difficult  to  search  for  con¬ 
tent  on  an  ad  hoc  basis,  unless  it  was  in¬ 
cluded  as  a  blocked  keyword.  Another 
shortcoming  with  Akonix  is  that  there  are 
basically  two  levels,  either  read-only  or 
full  access.  However,  the  reporting  tool  is 
very  easy  to  use  and  generates  very 
attractive  reports. 

IMlogic’s  IM  Manager  is  more  detailed 
with  reviewer  levels,  and  provides  four 
basic  functions  —  query  the  logs,  edit 
annotations  to  conversations,  view  an 


Each  product  was  installed  on  an  HP  ProLiant  DL380  G3  server,  with 
two  2.8-GHz  Xeon  processors,  2G  bytes  of  RAM  and  a  34G-byte 
RAID5  disk.  Windows  2003  Standard  Server  was  installed  to  host  the 
application  and  Microsoft's  SQL  Server  2000  Standard  Edition  database. 

For  IM-Age,  a  second  server  was  required  for  Microsoft's  Internet  Security 
and  Acceleration  server.  A  second  HP  DL380  was  installed  with  Windows 
2000  Server  to  host  ISA  Server  2000. 

Our  tests  simulated  what  most  public  IM  users  would  be  doing  with  three 
main  public  IM  clients  —  MSN,  Yahoo  and  AOL  Instant  Messenger. To  test 
policy  enforcement  capabilities,  we  looked  for  content  management  and  key¬ 
word  blocking,  as  well  as  file  transfer  management  and  control. 

We  did  not  test  effectiveness  of  anti-virus  features  on  these  systems, 
nocause  the  vendors  included  in  the  review  (see  related  story,  above)  do  not 
manufacture  them. 


audit  trail  (essentially  a  review  of  the 
reviewer)  and  manage  keywords.  The 
reviewer  in  IM  Manager  can  create  key¬ 
words  to  watch  for,  but  not  block.  For  ex¬ 
ample,  you  might  not  want  to  prevent 
employees  from  using  the  phrase  “stock 
split,”  but  you  might  want  to  see  how  it  is 
being  used. 

Reports  cannot  be  saved  or  scheduled. 
But  like  everything  else  in  IM  Manager, 
the  easy-to-use  Web  interface  lets  you  run 
reports  from  anywhere. 

FaceTime’s  IM  Auditor  is  even  more 
detailed.  Not  only  can  there  be  global 
reviewers,  but  FaceTime  introduces  the 
concept  of  a  group  supervisor. 

This  distinction  gives  reviewer  privi¬ 
leges  that  are  limited  in  scope,  rather 
than  function,  to  a  defined  group.  For 
example,  you  might  have  separate 
reviewers  for  each  of  the  sales,  marketing 
and  engineering  groups  who  only  can 
see  conversations  for  each  department’s 
users,  and  another  global  reviewer,  who 
has  access  to  everything. 

IM  Auditor  also  can  give  end  users  the 
ability  to  search  over  their  own  conversa¬ 
tions.  While  IM  Auditor  doesn’t  store  sep¬ 
arate  keywords  from  the  blocked  list,  it 
does  provide  the  ability  to  search  for  ad 
hoc  text. 


Much  like  IM  Manager,  IM  Auditor  can¬ 
not  save  or  schedule  these  reports,  but 
its  Web-based  interface  lets  you  run 
reports  from  any  browser. 

IM-Age  offers  a  Web  interface  and  a 
Windows  application.  While  the  Web- 
based  version  allows  use  from  any¬ 
where,  the  Windows  application  is  eas¬ 
ier  to  use.  It  provides  search  capabilities 
to  reviewers  and  end  users,  limiting 
only  the  scope  of  what  is  seen  based  on 
authentication.  Again,  these  queries 
cannot  be  saved  or  scheduled. 

But  the  combination  of  access  meth¬ 
ods  provides  good  accessibility.  One 
extra  and  unique  feature  in  IM-Age  is 
the  ability  to  generate  an  ad  hoc  query 
as  a  raw  SQL  statement.  While  this  is 
extremely  powerful  and  flexible,  it 
would  almost  certainly  be  too  complex 
for  all  but  the  most  experienced  net¬ 
work  managers. 

Something  for  everyone 

All  the  systems  we  tested  were  de¬ 
signed  to  monitor  and  manage  IM  traf¬ 
fic,  such  that  companies  can  permit 
their  employees  to  use  public  IM  ser¬ 
vices  for  business  purposes  without 
exposing  the  company  to  unnecessary 
risks,  and  to  ensure  compliance  with 
industry,  government  or  corporate 
guidelines.  Akonix’s  L7  Enterprise  offers 
the  best  overall  package,  but  FaceTime 
and  IMIogic  also  have  very  strong  pack¬ 
ages,  delivering  solid  performance  that 
won’t  disappoint.  And  if  you  need  to 
encrypt  your  IM  traffic, give  IM-Age  a 
look. 

Perey  is  president  of  Perey  Research  & 
Consulting,  a  firm  dedicated  to  the 
expansion  of  the  rich  media  communica¬ 
tions  market.  She  can  be  reached  at 
cperey@perey.com.  Berkley  is  the  manag¬ 
er  for  LAN  Support  Services  at  the 
University  of  Kansas.  He  can  be  reached 
at  berkley@ku.edu. 
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Best  security. 


Highly  reliable. 


Cost  effective. 


“Check  Point  Express  brings 
enterprise-class  security  to 
the  mid-sized  company  at  a 
price  and  performance  level 
that  meets  their  needs!’ 


Charles  Kolodgy,  Research  Director, 
Security  Products,  I  DC 
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We  Secure  the  Internet. 


Secure  your  business  with  Check  Point  Express. 

Your  business  deserves  the  best  security  solution  available  today:  Check  Point  Express'.”  Designed  for  companies  with 
100-500  employees,  Check  Point  Express  protects  your  business  with  the  same  superior  firewall  and  VPN 
technology  that  secures  97  of  the  Fortune  100.  Yet  it’s  priced  right  for  mid-size  businesses.  With  Check  Point  Express, 
you’ll  get  performance  you  can  always  rely  on,  and  security  you  don’t  have  to  worry  about.  Its  unique  features  include 
intelligent  network  and  application-level  protection.  And  its  intuitive  interface  simplifies  every  aspect  of  security 
management.  There  is  no  better  way  to  secure  your  critical  network  resources  and  connect  remote  users  and  sites. 
See  for  yourself.  Compare  Check  Point  Express  to  competing  offerings  at  www.checkpoint.com/compareexpress. 

Check  Point  Express  comes  pre-installed  on  appliances  from  Sun  and  Nokia 
and  runs  on  open  servers  from  Dell,  IBM,  and  other  leading  manufacturers. 
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CAREER  DEVELOPMENT 
PROJECT  MANAGEMENT 
■  BUSINESS  JUSTIFICATION 


Leaders  can  be  made 

Promising  IT  managers  develop  leadership  skills  with  help  from  Steinbeck,  Shakespeare  and  Hemingway. 


■  BY  TIM  GREENE 

When  Jeff  Geltz  was  chosen  by  his  boss  to 
attend  an  IT  leadership  development  class, 
he  wasn’t  thrilled  by  the  idea. 

“It  smacked  of  a  remedial  program  "he  says  about 
the  Society  for  Information  Management’s  Regional 
Leadership  Forums  (SIM  RLF).  “I  thought  it  was 
going  to  be  ‘Let’s  sit  around  a  room  and  talk  about 
warm  and  fuzzy  concepts.’  I  was  more  interested  in 
the  next  project.” 

RLF  did  include  what  Geltz  thought  of  as  warm, 
fuzzy  topics,  such  as  how  to  establish  a  healthy  balance 
between  work  and  the  rest  of  life.“I  threw  it  into  the  buck¬ 
et  that  work-life  balance  is  for  wimps,” says  Geltz, now  CIO 
of  eLoyalty  in  Lake  Forest,  Ill.“After  a  while  I  realized  there 
was  validity  to  the  conversation. . . .  [Finding  a  balance]  is 
still  challenging  to  me,  because  I  really  love  what  1  do.” 

SIM  launched  its  RLF  leadership  development  program 
in  1992  and  has  about  1,200  graduates.  Each  class  has 
about  20  students,  many  of  whom  start  out  skeptical 
like  Geltz  but  learn  the  value  of  sharing  personal 
and  professional  experiences  with  what  quickly 
becomes  a  close  group  of  colleagues. 

Graduates  say  the  program  helps  them  see  them¬ 
selves  more  clearly  so  they  can  decide  which  IT 
career  path  is  right  for  them.  Participants  are  gener¬ 
ally  in  the  30s,  and  their  employers  invest  in  the 
$6,000  program  ($6,500  for  non-SIM  members)  to 
groom  future  IT  leaders. 

“I  prided  myself  as  being  a  fairly  technical  person,”  says 
Paul  Amorello,  vice  president  of  IT  for  Pepperidge  Farms/ 
Godiva  Chocolates  in  Norwalk,  Conn.,  who  attended  an 
RLF  in  1996.  But  he  came  to  realize  that  even  though  he 
was  good  at  solving  day-to-day  technology  issues,  he  had 
other  non-technical  abilities  such  as  humor  and  persever¬ 
ance.  He  chose  to  use  these  soft  skills  as  a  leader,  although 
it  wasn’t  an  easy  decision. 

“1  still  want  to  drill  down  on  stuff,”  says  Amorello,  who 
landed  his  current  job  10  months  after  taking  the  SIM 
course.“lt’s  always  difficult  to  let  go,  but  it  comes  down  to 
how  do  you  feel  comfortable  bringing  value  to  an  organi¬ 
zation?  Writing  lines  of  code?  Managing  programs? 
Managing  people  who  manage  programs?”  For  him,  it’s 
about  using  personal  skills  and  organizing  people.“I  pride 
myself  on  my  ability  to  pull  together  a  complementary 
group  of  folks  and  build  a  high-performance  team,”he  says. 

RLF  is  set  up  to  help  make  this  type  of  decision  easier 
and  to  deve  op  managers  into  leaders,  says  Madeline 
Weiss,  a  facilitator  who  runs  classes  on  the  East  Coast.The 
classes  run  through  a  checklist  of  skills  that  leaders  need, 
including  how  to  motivate  people,  work  well  in  teams,  de¬ 
velop  a  global  perspective,  negotiate,  build  peer  networks, 
set  strategic  priorities  and  manage  alliances. 


Big  lessons  learned 

Leadership  training  students  answer:  “What’s 
the  most  important  thing  you  took  away  from 
your  classes?” 


Paul  Amorello  Vice  president  of  IT,  Pepperidge 
Farms/Godiva  Chocolates 


Molly  Mahoney  Senior  manager,  shared  services, 

Attorneys' Title  and  Insurance  Fund 

The  RLF  courses  run  for  nine  months,  with  members  get¬ 
ting  time  off  from  work  to  meet  for  two  days  every  six 
weeks,  during  which  they  hear  advice  from  guest  CIOs,  dis¬ 
cuss  leadership  principles  based  on  their  work  experi¬ 
ences  and  glean  leadership  lessons  from  readings  as  var¬ 
ied  as  The  Pearl,  The  Old  Man  and  the  Sea  and  King  Lear. 

For  instance,  classes  can  learn  about  the  smooth  transfer 
of  power  from  reading  about  Lear, who  turned  his  kingdom 
over  to  two  daughters  who  later  betrayed  him.  “He  just  let 
go.  He  didn’t  do  it  in  any  kind  of  planned  and  gradual  way 
You  let  go  after  you  build  trust;you  do  it  gradually  she  says. 

Molly  Mahoney,  a  current  RLF  student,  says  she  learned 
about  risk  vs.  reward  from  The  Old  Man  and  the  Sea,  the 
tale  of  an  old  fisherman  who  puts  his  life  in  danger  to 
catch  the  big  fish,  only  to  have  sharks  eat  it  before  he  can 
get  it  to  shore.“Was  it  worth  it?  If  it’s  a  lifelong  dream.it  may 
be  worth  it,”  says  Mahoney,  a  senior  manager  of  shared  ser¬ 
vices  for  Attorneys’Title  and  Insurance  Fund  in  Orlando.  In 
the  story  she  finds  encouragement  to  take  a  risk  if  the  goal 
is  important  enough. 


The  book  also  shows  the  value  of  professionalism  and 
persistence, and  that  a  failed  project  still  can  have  benefits 
and  rewards,  says  Mike  Carleton,  CIO  of  the  U.S.  General 
Services  Administration  in  Washington,  D.C. 

Beyond  the  reading  assignments,  Carleton  says  personal 
relationships  that  develop  over  the  nine  months  of  the 
course  are  invaluable.“You  are  sharing  experiences  with¬ 
in  the  forum.  With  six  weeks  between  classes,  lots  of  real- 
life  things  happen  —  mergers  and  acquisitions,  births  in 
families,  job  changes,”  he  says. 

In  some  cases,  family  members  have  died.  “You  go 
through  these  things  together.  It’s  personal  but  not  in  a  way 
that  would  get  you  into  trouble.  .  .  .  It’s  so  supportive,” 
Mahoney  says. 

This  bond  is  powerful  and  lasts  long  after  the  class¬ 
es  end.  Graduates  have  been  known  to  meet  period¬ 
ically  for  dinner  to  keep  helping  each  other  with 
work  and  personal  problems.“There  was  a  common 
theme  to  our  experiences.  We  were  all  IT  people,  and 
that  was  very  important  to  us,” Geltz  says.“We  were  all 
facing  these  challenges  that  you  normally  don’t  talk 
about  with  anyone  else.” 

Some  topics  they  discuss  include  developing  a  ser¬ 
vice-oriented  approach  to  enterprise  architecture, 
outsourcing  and  the  loss  of  IT  jobs  to  workers  overseas. 

Carleton  found  so  much  value  in  RLF  that  he  now  facil¬ 
itates  RLF  classes  on  his  vacation  time.“These  classes  work 
not  so  much  because  I’m  pulling  it  together  but  because 
the  right  people  at  the  right  point  in  their  careers  are  in 
the  room. They  develop  a  group  identity’ he  says. 

Beyond  that,  participants  develop  a  stronger  sense  of 
who  they  are  that  can  translate  into  their  becoming  better 
leaders.  “The  kind  of  individual  you  are  speaks  for  itself 
and  resonates  through  your  leadership  traits.  If  you  don’t 
know  who  you  are  and  you’re  not  comfortable  with  your¬ 
self,  that  may  show  up,”  Mahoney  says. 

Carleton  says  this  sense  of  wholeness  is  a  key  element 
that  many  IT  managers  need  to  achieve  before  they  be¬ 
come  effective  leaders.“Many  folks  in  IT  are  self-selected  in 
IT  because  they  like  logic,  rationality  and  order,  and  mak¬ 
ing  things  efficient  and  predictable,”  he  says.“What  happens 
at  the  top  is  the  opposite  —  ambiguity,  risky  decisions 
based  on  absence  of  complete  information.” 

While  the  course  helps  bring  important  leadership  issues 
to  light,  it  is  not  a  onetime  fix  that  lasts  for  life.“Leadership 
is  extremely  important  to  organizations,”  Geltz  says.“It’s  not 
something  you  can  ignore, and  it’s  something  you  can  prac¬ 
tice,  and  it  takes  a  lot  of  effort  to  be  good  at  it.”  ■ 

Get  with  the  program! 

3  See  the  sample  curriculum  SIM’s  Regional 
Leadership  Forum  covers  and  learn  about 
the  application  requirements. 
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Work-family  balance.  How  fast 
do  you  want  to  move  in  your 
career  and  never  see  your  son 
in  a  baseball  game? 


Focusing  on  leadership  prin¬ 
ciples  is  extremely  important 
and  key  to  formation  of  a  team. 

Jeff  Geltz  CIO,  eLoyalty 


It’s  brought  out  the  creative 
side.  How  can  I  present  a  topic 
so  it's  not  threatening,  so 
people  are  open  to  tiring  a  new 
process  or  procedure? 
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Cyclades'  data  center  management  solutions  offer  a  full  range 
of  security  features  across  its  entire  product  line  of  console  servers, 
power  management,  KVM,  biometric  scanner  and  network  management. 
With  SSH  v2,  IP  Filtering,  strong  authentication,  event  logging  and 
data  logging,  Cyclades  can  make  your  network  into  a  secure 
heavyweight  contender  in  the  data  center  world. 
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For  a  FREE  white  paper  on  data  center  security,  please  visit  us  at  www.cyclades.com/securitywp 


www.cyclades.com/nw 

i.888.cyclades  ■  1.888.292.5233  •  sales@cyclades.com 
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Who's  Protecting 

Your  Network? 


GTA  Firewall  Products 

Tough  Network  Security 


✓  Building  Firewalls  for  over  10  years 

✓  ICSA  4.0  Corporate  Certification 

✓  5  appliances  to  match  your  network  needs 

✓  Easy,  Flexible  Implementation  Options 

✓  IPSecVPN 

✓  Affordable  pricing 


Global 
Technology 
Associates,  Inc. 


1-800-775-4GTA  *  www.gta.com  ■  lnfo@gta.com 


mm 


www.networkinstruments.com/nine 

©  2004  Network  Instruments.  LLC.  All  rights  reserved.  Observer,  Network  Instruments  and  the 
Network  Instruments  logo  are  registered  trademarks  of  Network  Instruments,  U.C. 


aw 


AKE  T  HAPPEN 


Introducing  Observer  9 

•  New  Application  Analysis 

•  Remote  probes  now  provide  multi-interface  and 
multi-session  support 

•  Industry-first  4GB  packet  capture  buffer 

•  Wireless  Site  Survey  Modes 

•  Nanosecond  resolution 

•  Now  over  450  Expert  Events 

•  SNMP,  RMON  and  now  HCRMON  support 


Custom  Management  Levels 


Test-drive  the  new  Observer  9  today  and  see  how  it  immediately 
finds  problems  you  didn't  know  you  had,  optimizes  network  traffic 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 

www.networkinstruments.com/nine 


OBSERVER 

•  Decode  over  500  protocols 

•  Long-term  network  trending  &  analysis 

•  Real-time  statistics 


Remote  &  Hardware  Options 


REMOTE  NETWORKING  PROBES 


•  Fully  distributed 

•  Monitor  up  to  64  NICs  simultaneously 

•  New  levels  of  problem  solving  collaboration 


EXPERT  OBSERVER 

•  Wtiat-lf  Modeling  Analysis 
■  ■  •  Expert  Analysis 

♦  Connection  Dynamics 


GIGABIT  &  WAN  HARDWARE  OPTIONS 


Portable  analyzer  systems 
Rack-mount  Probes  ready  to  go 
Direct,  passive  link  for  independent  views 


OBSERVER  SUITE 

•  Complete  SNMP  device  management 

•  Supports  full  RM0N1 ,  RM0N2.  HCRMON 

•  Web  Publishing  Reports 
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One  Equinox  Way,  Sunrise  FL  33351,  email:  sales@equinox.com  or  for  international  customers  email:  intlsales@equinox.com. 

©  2004  Avocent  Corporation.  Equinox  and  AVWorks  are  registered  trademarks  of  Avocent  Corporation  or  its  affiliates.  All  other  marks  are  the  property  of  their  respective  owners. 


CCM  Console  Manager  features: 


■  SSH  v2/Telnet  host 

■  Strong  authentication 

■  Offline  buffering 

■  SUN  break  safe 


■  In/out  of  band  access 

■  Point  and  click  access 
to  serial  consoles,  KVM 
and  power* 


*  To  be  provided  in  future  upgrade  for  the  48-port  model. 


Relax  and  fix  the  problem  from  virtually  anywhere. 

When  critical  servers  or  network  equipment  malfunction, 
the  Equinox  CCM  console  manager  and  AVWorks® 
management  software  give  you  the  tools  to  securely  and 
quickly  restore  normal  functionality  from  anywhere. 


Extend  your  reach 


Available  in  8,  16 
and  48-ports. 


For  your  free  white  paper  on 
Best  Practices  for  Secure 
Console  Port  Management  visit 

www.equinox.com/ccm4 

For  a  30-day  product  evaluation 
call  1-800-275-3500  ext.  247  or 
954-746-9000  ext.  247 


Power 

Control 


Your  virtual  crash  cart 


Local 

Terminal 


Telnet 

◦lent 


CCM  Console 
Manager 


Dial  Access 
Client  OR 


Network 


Modem 


Linux  Server 
Unix  Server 
Windows  Server 
Router 


SSH 

Client 


Serial 


AVWorks 
Software  Client 
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Secure  Console  Port  Management 

Extend  Your  Reach 


A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 

Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 

Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


UltraMatrix  Remote 


UltraConsole 


REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  Texas  77099 


ROSE  US  +281  933  7673 

ROSE  EUROPE  +44  (0)  1 264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 

800  333  9343 

WWW.ROSE.COM 


Connects  up  to  1000  computers  to  a  KVM  station 
Models  for  4,  8,16  computers 
Advanced  visual  interface  (AVI) 

Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

Free  lifetime  upgrade  of  firmware 

Security  features  prevent  unauthorized  access 

Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 

simultaneous  booting 

Easy  to  expand 
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superb  -PC  Magazine 


Publish  Large  Document  Collections 
to  the  Web  or  to  CD/DVD 

♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  &  PDF  while  displaying  embedded 
links,  formatting  &  rflTEMSfl 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet, 
email,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 


dtSearch  Reviews... 

♦  “The  most  powerful  document  search  tool  on  the  market” 

—  Wired  Magazine 

♦  “Intuitive  and  austere  ...  a  superb  search  tool”  — PC  World 

♦  “Blindingly  fast”  —  Computer  Forensics:  Incident  Response 

Essentials 

♦  “A  powerful  arsenal  of  search  tools”  —  The  New  York  Times 

♦  “Covers  all  data  sources  ...  powerful  Web-based  engines” 

—  eWEEK 

♦  “Searches  at  blazing  speeds”  —  Computer  Reseller  News 

Test  Center 


1  -800-IT-FINDS 

sales@dtsearch.com 


See  www.dtsearch.com  for: 

♦  hundreds  of  developer  case  studies  &  reviews 
Klly-fuhctional  evaluations  JflMtfMMNI 


Stop  juggling  with 
multiple  management  tools 


*4  Keep  IT  simple 


ManageEngine" 

OpManager 

Network,  Systems  and  Application  Management 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure. 

Move  to  integrated  management.  Try  OpManager  today. 


Available  for  Linux,  Solaris  and  Windows 
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ww.opmanager.com 
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FREE 

30  Day  Trial 
Download 


How  Do  You 
Distribute 

20,000  Watts  in 

Your  Cabinet? 

Sentry  CDU  Cabinet  Power  Distribution 


High-density  Equipment  Cabient  Power  Distribution 

84-Outlet  Receptacles 

20,000  Watt  3-Phase  Power  Distribution  Model 

1 0,000  Watt  208  VAC  Power  Distribution  Model 

True  RMS  Power  Monitoring  per  Branch  Circuit 
Local:  Digitial  Displays,  Remote:  via  Interface 

Input  Power  Monitoring  Facilitates  Load  Balancing 

Web  Interface 

SNMP,  MIB  &  Traps 

Integrated  Temperature  &  Humidity  Probes 

Color-coded  Outlets  by  Branch  Circuit/Electrical 
Phase  for  Easy  Identification 

Center  Rail  "Notch"  for  Simplifying  Cabinet  Installation 


©Server  Technology,  Inc.  Sentry  is  a  trademark  of  Server  Technology.  Inc. 
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Server 

Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 

Power  demands  from 
today's  new  servers  require 
greater  power  distribution 
in  the  equipment  cabinet. 
The  Sentry  CDU  distributes 
power  for  up  to  42  dual¬ 
power  1 U  servers  in  one 
enclosure.  Single-phase  or 
3-phase  input  with  110  VAC, 
208  VAC  or  mixed  110/208 
VAC  single-phase  outlet 
receptacles. 


Server  Technology,  Inc. 

1040  Sandhill  Drive 
Reno,  NV  89521 -USA 

©toll  free +1.800.835.1515 

tel +1.775.284.2000 
fax  +1.775.284.2065 
www.servertech.com 
sales@servertech.com 


m 


NetworkWorld 

THE  HUB  OF  THE  NETWORK  BUY 


m 


r 


45 

“  6/28/04 


-  .>  * 


,  'V  • 


Cost-Effective  Console  SwitiH 


Intelligent  Serial  Port  Switch  with 
Internal  Modem 


a 


Internal  33.6  Kbps  Modem 
Secure  Dialback  Feature 
Password  Protection 
Invalid  Access  Lockdown 
Periodic  Modem  “AT”  Refresh 
Seven  RS232  DB-9  Console  Ports 
Any-to-Any  Port  Switching 
Non-Connect  Port  Buffering 
Data  Rate  Conversion  300  to  115K  bps 
AC  and-48  DC  Power  Options 
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The  APS-8M  Asynchronous  Port  Switch  is  a  cost  ’  V 

effective  Terminal  Server  alternative,  plus  you  get  an  internal  modem 
which  saves  rack  and  cabling  hassles.  Connect  multiple  devices  for  on-site 
and/or  dial-up  remote  communications.  High  data  throughput,  full  modem 
and  data  flow  control  all  add  up  to  make  the  APS-8M  the  perfect  data  switch 
or  today’s  remote  network  management  applications. 


www.wti.com 


(800)  854-7226 
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Celebrating  our  40th 
Year  in  DataCom 


‘‘Keeping  the  Net.. .Working!” 


Attention  Resellers! 


SECUREMATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  SONICWALL 
Security  Products! 


LIMITED  TIME  OFFER! 

•  Earn  1  FREE  SonicU  e*Training 
Class  for  every  SISK  In  SonlcWALL 
purchases  from  Securematics." 


•  New  SonlcWALL  Resellers  will  receive  1  FREE 
SonicU  Electronic  Training  Course  with  purchase 
of  any  Demo  Unit  .*—„**. 


m 


Securematics  is  a  SonicWALL  Authorized  Distributor  &  Training  Partner 
To  sign  up  for  the  Medallion  Partner  Program,  please  contact  us. 

Call  -  888-746-6700  sales@securematics.com  www.securematics.com 
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WWW.SUUCASE.COM 

Luggage,  Fine  Leather  Goods,  Gifts,  and  more! 


Tumi,  Hartmann,  Andiamo,  Samsonite,  Cross 


10%  discount  for  Network  World  readers 
Enter  code  NWW2004 
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If  it’s  on  the  N  WORLDWIDE  PROVIDER 
network,--  '  '*  OF  NETWORK 

we’ye'  got  it!  HARDWARE 

SINCE  1981! 


vfe’ve  got  «tl  f  j  | 

l  I  -*;  . 

•  NetWork  Hardware 

•  babies 


•  Memory 
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l  NETWORK  SPECIALISTS 

WRC4.NET 

90049*0777 


•  Accessories  | 

salas@wrca.net  -  (800)699-9722x102 


FIBER  OPTIC  SOLUTIONS 


•  Tl/El  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  I S  0  -  9  0  0 1 

•  USB  Modem  and  Hub 

Ii  awVB  * 

Toll  Free  866-SITech-l 
630-761-3640,  Fax  630-761-3644 
www.sitech-bitdriver.tom  or  www.sitechfiber.com  j 
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iT  PROFESSIONALS: 

POSITION:  Manager  (Glen  Mills,  Pennsylvania  and  other  locations 
through  the  US)  Manage  and  lead  teams  in  large  scale  system  devel¬ 
opment  projects  performing  custom  development  and  legacy  integration. 
Provide  knowledge  and  expertise  related  to  Financial  Services  (Insurance 
and  Securities)  and  Healthcare  industries  including  FACETS  applications. 
Work  on  complex  interface  and  data  conversion  efforts  utilizing  object  ori¬ 
ented  techniques  (Unified  Modeling  Language  and  other  relevant  tools), 
middleware  adapters  and  design  patterns.  Lead  teams  responsible  for 
developing  n-Tier  application  architecture,  data  modeling  (using  ER 
Studio  and  ERWIN)  and  applications  in  object  oriented  technologies. 
Design  and  develop  specialized  tools  ets  (data  management  tools,  pro¬ 
duction  support  tools)  to  support  systems  integration.  Prepare  workplans, 
estimate  budget,  plan  resource  requirement,  and  identify  resources. 
Communicate  engagement  status,  progress  and  impact  to  client  man¬ 
agement  Review  engagement  risks  and  apply  risk  management 
rules/procedures.  Define  approach  and  structure  for  deliverables. 
Develop  external  relationships  to  expand  business  opportunities. 
Participate  in  proposals.  Review  performance  of  team  members. 

WAGE:  $101, 000/year 

Hours  v/orked:  Monday-Friday  9:00am-5:00pm 
MINIMUM  REQUIREMENTS: 

Bachelor's  degree  or  equivalent  in  Computer  Science,  Engineering  (any 
type),  Math,  Business  Administration  or  Management  (any  type)  +  4  years 
exp.  in  the  job  offered  or  4  years  exp.  as  a  Manager,  Senior  Consultant  or 
Consultant.  Related  experience  must  include  at  least  one  year  of  experi¬ 
ence  with  large  scale  systems  development,  interface  architecture  using 
n-Tier  architecture,  implementation  of  FACETS  applications,  data  model¬ 
ing  tools  (ER  Studio  and  ERWIN),  and  object  oriented  techniques  (UML). 
Knowledge  of  Financial  Services  and  Healthcare  industries  required. 
Employer  will  regard  a  foreign  degree  to  be  equivalent  to  a  U.S. 
Bachelor's  degree  as  determined  by  an  accredited  credentials  evaluation 
service. 

Please  send  your  resume,  referencing  Job  Order  Number  WEB428255  to 
the:  PA  Careerlink,  FLC  Unit,  235  W.  Chelten  Ave.,  Philadelphia,  PA 
19144.  EOE. 


IT  PROFESSIONALS 
Senior  Consultant 

(Glen  Mills,  PA  and  other  locations  throughout  the  United  States).  Analyze 
the  operations  and  supply  chain  processes  of  clients  in  the  Banking  indus¬ 
try,  and  develop  strategies  to  reduce  costs  in  a  number  of  back  office 
areas  such  as  statement  print  and  fulfillment,  print  sourcing,  and  state¬ 
ment  strategy.  Make  recommendations  to  upper  management  regarding 
the  "make  versus  buy"  decision  and  assess  statement  standardization 
possibilities  and  their  impact  on  the  overall  cost  of  statement  production 
(from  statement  form  sourcing  to  statement  printing).  Analyze  the  print 
strategies  of  clients  and  develop  recommendations  to  streamline  print 
purchasing  decisions,  standardize  print  materials  usage  and  derive  other 
print  related  efficiency  improvements.  Develop  and  utilize  custom  finan¬ 
cial  models,  and  perform  strategic  sourcing  implementations  of  a  wide 
spectrum  of  spend  categories  such  as  paper,  print,  and  networking  ser¬ 
vices.  Implement  and  develop  Requests  for  Proposals  (RFP's)  as  the 
basis  for  sourcing  initiatives  covering  distinct  spend  categories  such  as 
forms,  envelopes,  print  &  fulfillment  services  and  networking  services, 
evaluate  the  RFP  responses  in  selecting  the  best  all-around  solutions 
based  on  both  cost  and  conformity  to  technical  and  operational  specifica¬ 
tions,  and  participate  in  contract  negotiations. 

The  wage  offered  is  $80, 750/year.  The  work  schedule  is  Monday-Friday 
9:00am-5:00pm.  The  minimum  requirements  are  as  follows:  Bachelor's 
degree  in  Business  Administration,  Information  Systems,  Mathematics, 
Engineering  (any),  Computer  Science,  Economics  or  Management  plus  4 
years  experience  in  the  job  offered  or  4  years  experience  as  a  Senior 
Consultant,  Consultant,  or  Financial  Analyst.  Related  experience  must 
also  include  at  least  six  months  of  Analysis  of  cost  reduction  and  supply 
chain  processes  in  the  Banking  industry;  Print  Strategy  Analysis  and 
Development;  development  of  custom  financial  models;  implementation 
of  Strategic  Sourcing;  and  implementation  and  development  of  Requests 
for  Proposals  (RFP). 

Please  send  your  resume,  referencing  Job  Order  Number  WEB428444  to 
the:  PA  CareerLink,  FLC  Unit,  235  W.  Chelten  Avenue,  Philadelphia,  PA 
19144.  EOE 


IT  PROFESSIONALS: 

POSITION:  Consultant  (Glen  Mills,  Pennsylvania  and  other  locations 
through  the  U.S.).  Identify  functional  areas  for  performance  testing  of  the 
Membership  and  Claims  systems  developed  for  a  major  healthcare  client. 
Involved  in  testing  various  components  including  the  Trizetto  Facet's 
package,  Sybase,  Oracle  databases,  Citrix,  Batch  Programs,  Online 
Applications,  Client  letter  software,  Crystal  Reports,  IPD  (Image  Process 
Design),  HIPAA  gateway  software  and  E-Facets  (web  component  of 
Trizetto  Facets).Tested  Citrix,  Online  Applications,  Client  letter  software 
and  Databases  using  Rational  Test  Manager  and  Mercury  Interactive. 
Create  automated  test  scripts  and  define  testing  scenarios  using  Rational 
Tool  Suite  (Rational  Robot  and  Rational  Test  Manager)  for  testing  facets 
and  affiliated  Extensions.  Managed  the  execution  of  test  scripts  across 
multiple  test  environments  and  created  virtual  users  and  test  scenarios 
using  Rational  Test  Manager.  Responsible  for  testing  systems  distributed 
over  a  wide  geographic  area  and  monitoring  systems  network  perfor¬ 
mance  and  server  load  from  various  locations. 

WAGE:  $75, 780/year 

Hours  worked:  Monday-Friday  9:00am-5:00pm 
MINIMUM  REQUIREMENTS: 

Bachelor’s  degree  or  equivalent  in  Computer  Science,  Engineering  (any 
type),  Math,  Business  Administration  or  Information  Systems  +  1  year 
exp.  in  the  job  offered  or  1  year  exp.  as  a  Systems  Analyst,  Consultant  or 
Senior  Consultant.  Related  experience  must  include  testing  of  systems 
distributed  over  a  wide  geographic  area  and  defining  testing  tools  using 
the  Rational  Testing  Tool  Suite.  Knowledge  of  the  healthcare  industry 
required  Employer  will  regard  a  foreign  degree  to  be  equivalent  to  a  U.S. 
Bachelor's  degree  as  determined  by  an  accredited  credentials  evaluation 
service 

Please  send  your  resume,  referencing  Job  Order  Number  WEB429119  to 
the:  PA  Careeriink.  FLC  Unit.  235  W.  Chelten  Ave.,  Philadelphia,  PA 
19144.  EOE. 


Integrated  Software  Solutions. 
Inc.,  a  rapidly  growing  IT  con¬ 
sulting  Co  has  permanent  posi¬ 
tions  open  for  Computer 
Software  Professionals  w/BS  or 
equiv  deg  &  exp  in  one  of  the  fol¬ 
lowing  skills  or  in  a  combination 
thereof: 

"Administration-Windows 
NT/2000/Unix 
'Oracle  Developer- 
SQL/PL/SQL/Developer  2000 
"DBA-Oracle/Sybase 
'C,  C++,  Visual  Basic, 

J2EE.  ASP 

‘PeopleSoft-and  Related 
PeopleSoft  Tools 
"SAP  R/3-and  Related  Tools 
"Main  Frames-DB2,  CICS, 

JCL,  TSOP 

*QA  Testing-WinRunner/ 
LoadRunner/Silk/Rational 
Suite/Test  Director 
ISS,  Inc.,  provides  a  competitive 
salary  &  benefits.  Applicants 
must  be  willing  to  relocate/travel 
to  various  unanticipated  Iocs 
throughout  US.  Send  resume  to: 
HR  Dept.,  ISS,  Inc.,  855  E.  Golf 
Rd..  #2145,  Arlington  Heights,  IL 
60005  OR  email  to 
resumes@issinc-usa.com 


SOFTWARE  ENGINEER 
(Two  Openings) 

Research,  design  &  dvlp  comp, 
software  sys.  Analyze  software 
reqmnts  to  determine  feasibility 
of  dsgn  w/in  time  &  cost  con¬ 
straints.  Consult  w/clients  to 
define  needs  or  problems.  Use 
C,  FOXPRO,  Dbase,  Oracle  7.3, 
Powerbuilder  &  Developer  2000. 
Bach,  degree  in  Comp.  Sci., 
Comp.  Engnrg,  Business  or 
related  field  of  study  +  2  yrs  exp. 
as  a  Software  Engnr,  Prog./ 
Analyst,  Sys.  Analyst  or  Soft¬ 
ware  Consultant  reqd.  Exp.  must 
include  dsgng  &  dvlpng  comput¬ 
er  programs  &  include  use  of:  (a) 
RDBMS:  Oracle  7.3;  (b)  Lang¬ 
uages:  C;  (c)  FOXPRO,  Dbase, 
Powerbuilder  &  Developer  2000. 
High  mobility.  Various  worksites 
throughout  U.S.  40  hrs/wk,  9am- 
5:30  pm,  $85,000/yr.  Application 
is  by  resume  only.  Please  sub¬ 
mit  resume  to:  Workforce  Devel¬ 
opment  Programs,  P.O.  Box 
46547,  Denver,  CO  80202. 
Please  refer  to  Job  Order  No. 
CO5082148. 


Senior  iSeries  Systems  Eng¬ 
ineers  -  Requires  Bachelor's  or 
equivalent  in  Computer  Science 
or  a  related  field  &  five  years 
experience  in  the  job  offered 
&/or  in  Computer  Information 
Systems/Technology  with  3 
years  of  the  experience  being  in 
Systems  Engineering.  In  lieu  of 
the  BS+5  yrs,  Employer  will 
accept  8  years  of  experience  in 
Computer  Information  Systems/ 
Technology,  with  3  years  of  the 
experience  being  in  Systems 
Engineering.  A  minimum  of  18 
months  of  TCP/IP  &  SNA  com¬ 
munications  on  the  iSeries  is 
essential.  Must  have  the  follow¬ 
ing  certifications:  IBM  LPAR 
Expert  &  iSeries  Technical  Solu¬ 
tions  Expert,  IBM  iSeries  Tech¬ 
nical  Solutions  Design  V5R2  & 
iSeries.  IBM  Technical  Solutions 
Implementation  V5R2,  MIMIX 
V4R4. Networking. 

Competitive  Salary  &  Benefits. 
Contact:  Recruiting,  Premise 
Inc,  4904  Creekside  Drive, 
Clearwater,  FL  33760,  Robert 
Nowels@Dremiseinc.com. 


Data  Communications 
Analyst 

Full  time  position  avail¬ 
able  with  OB/GYN  ofc. 
Help  with  IT/HIPAA 
changes.  Medware  & 
CPT/ICD-9  knowledge 
req'd.  Job  located  in 
Kissimmee,  FL.  Fax  res¬ 
ume  with  salary  req'- 
ments  to  Alpha  Center 
for  Women's  Health  407- 
944-9070.  Attn:  Joan. 


SYSTEMS  ANALYST  -  Analyzes 
user  requirements,  procedures 
and  problems  to  automate  pro¬ 
cessing  or  to  improve  existing 
computer  systems.  BS  in  CS  or 
Engg  or  math-related  and  2  yrs. 
exp.  in  job  offered.  Must  be  able 
to  travel.  Incl.  in  the  2  yrs.,  must 
have  2  yrs.  exp.  with  various 
computer  skill  sets  such  as 
OOP/OOD  with  C/C++,  C#,  ASP 
/VB/ADO.NET,  Servlets.  Jtgo, 
jsp.  Rational  Rose,  RMI,  COR- 
BA,  Brio  Reports,  NoetixViews, 
VisiBroker,  Voice  Apps  using 
VXML,  Nuance,  Sax/Dom,  XSL, 
UML/RUP,  COM/DCOM,  ATL, 
ClearCase,  WebLogic,  Web¬ 
Sphere,  SQLServer,  Oracle, 
CrystalReports,  Visio,  Erwin, 
VMS.  40  Hrs./wk.  9  to  5,  Mon- 
Fri;  No  overtime.  $57,450/yr. 
Apply  resume  to  Attn  HR. 
Capricorn  Systems,  Inc.  3569 
Habersham-at-Northlake,  Build¬ 
ing  K,  Tucker,  GA  30084. 


Programmer  Analyst,  wanted  by 
IT  Company  in  Chicago.  Bach¬ 
elors  in  Engineering  +  1  year 
experience  in  design,  install,  & 
administer  of  databases  in 
Oracle  on  Unix  &  Windows  NT; 
data  modeling  using  ERWIN, 
logical  and  physical  design  of 
databases;  design  &  develop 
applications  in  C/C++,  Pro*C; 
coding  of  Triggers  and  stored 
procedures  using  PL/SQL,  load¬ 
ing  using  SQL  Loader;  monitor 
databases  using  SQL  Lab,  1/ 
WATCH,  Space  Manager;  re¬ 
sponsible  for  backup  and  recov¬ 
ery  of  systems;  writing  Shell  and 
Perl  Scripts;  configure  standby  & 
multi  master  replication  of  data¬ 
bases;  performance  tuning  of 
databases  and  applications  by 
optimizing  SQL,  PL/SQL  code. 
Send  Resume  to  Anthem  Tech¬ 
nologies,  Inc.,  1444  North  Farn¬ 
sworth  Ave  Suite  106;  Aurora,  IL 
60505. 


Software  Engineer 

Analyze,  design,  develop,  test 
and  deploy  Multi-Tier  Enter¬ 
prise  Application  using  Java, 
J2EE,  Swing,  JDBC,  Servlet, 
EJB,  JUnit,  XML  and  UML. 
Req.  Master's  degree  in 
Comp.  Sci.  or  related  field,  at 
least  1-yr  exp.  designing  and 
developing  commercial  grade 
software  and  proficiency  in 
Java,  Swing,  EJB  and  J2EE. 
40  hrs/wk.  Send  resume  with 
Ref#  SE04  to  ComeFrame 
Software,  110  12th  St.  N, 
Birmingham,  AL  35203.  Fax 
(205)  314-3415. 


Computers  -  Seeking  qualified 
candidates  for  senior  &  mid¬ 
level  IT  professional  positions 
including:  Network  Administra¬ 
tors,  Database  Administrators, 
Software  Engineers.  Qual.  can¬ 
didates  must  possess  MS/BS  or 
equiv.  and/or  rel.  work  exp.  Da¬ 
tabase  Administrator  positions 
require  at  least  1  year  working 
with  Oracle  Applications/  RD¬ 
BMS.  Duties  include:  Work  with 
3  of  the  following:  Oracle,  PL/ 
SQL,  Sun  Solaris,  UNIX  Shell 
Scripts,  Veritas  products,  UNIX. 
Fwd  resume  &  references  to: 
Core  Services  Corporation,  Attn: 
HR,  610  Rahway  Avenue,  2nd 
Floor,  Union,  NJ  07083. 


Database  Admin.  (Forest  Park, 
GA):  design,  code,  test  &  imple¬ 
ment  physical  databases; 
Manage  co.  network,  web  server 
&  all  applications;  Train  users  in 
using  new  &  existing  databases. 
Responsible  for  all  new  comput¬ 
er  &  phone  h/ware  procurement, 
maintenance,  &  daily  system 
backups.  Req:  Bachelors  (or  for¬ 
eign  equiv.)  in  Comp.  Sci.,  Math, 
or  related  +  2yrs  in  job  or  as 
Network  Admin,  or  Programmer/ 
Analyst.  Send  resume:  Sunny 
Wholesale,  120  Forest  Parkway, 
Forest  Park,  GA  30297. 


enterprise  integration 


network  vulnerabilities 


corporate  data  security 


government  compliance 


mobile  &  wireless  security 


business  management  needs 


The  right  IT  professional 


can  jump  the  hurdles  of 


today’s  IT  challenges. 


Call: 


(800)  76 2-2977 
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Computers  -  Citigroup,  Inc. 
Stamford.  CT)  seeks  Software 
Engineers/Developers.  Prog. 
Analysts/Admins,  Project  Mgrs/ 
Leaders.  DB  Architects,  QA 
Engineers  w/BS  or  MS  in  Comp 
Sci.,  Engin..  Math.  Stats,  IT, 
Electronics.  CIS.  MIS,  Bus 
Admin,  or  related  quantitative 
field  or  equiv.  combo  of  work 
exp  &  educ.,  &/or  exp.  in  any 
above  or  similar  positions  Exp 
in  any  of  the  following:  UNIX, 
AIX,  Sun/Solaris,  PL/SQL,  Sy¬ 
base,  Oracle.  C++,  ProC,  VB, 
ASP.  Visual  Interdev,  Java, 
JavaScript,  J2EE,  Oracle,  Net¬ 
scape,  MS  IIS,  Shell  Scripting, 
HTML,  Fox  Pro,  Perl.  Windows 
NT,  Networking,  Security  tools, 
QC,  Encryption  Tools,  CASE 
tools,  e-Commerce  technolo¬ 
gies.  Forward  resume  to  Attn: 
DT.  100  First  StamfordPlace, 
Stamford,  CT  06902.  No  calls 
orfaxes,  please.  EOE.  M/F/D/V. 


PROGRAMMER  ANALYSTS 
for  Reston,  VA  office.  Design  & 
Develop  software  applications 
using  Oracle,  Sybase,  XML, 
Coolgen,  Interwoven,  Clear- 
Case,  ClearQuest,  Plumtree, 
PVCS,  UNIX.  Bachelors  or 
Equivalent  req'd  in  Computers, 
Engineering,  Math  or  any  relat¬ 
ed  field  of  study  +  2  yrs  of  relat¬ 
ed  exp.  40  hrs/wk.  Must  have 
legal  authority  to  work  perma¬ 
nently  in  the  U  S.  Contact  HR 
Manager,  HITEC  Information  & 
Technologies,  Inc.,  12007 
Sunrise  Valley  Dr,  Reston, VA, 
20191. 


NetSoft  Tech  has  openings  for  IT 
professionals  to  design  applica¬ 
tions  using  CICS,  MVS,  JCL, 
VSAM  &  DB2,  HTML,  Java, 
PWB,  IIS,  JDBC,  ASP.  Java¬ 
Script,  XML,  C/C++,  Oracle. 
Applicants  must  have  BS/MS  or 
equivalent.  Travel  maybe  re¬ 
quired.  Apply  at  iobs@nstc.net. 
EOE. 

Bauer  Associates  is  looking  for 
software  engineers  to  develop 
software  programmer  for  multi¬ 
processors  system,  implement 
device  drivers  under  VRTX-32 
on  VME  platform,  develop  NVH 
algorithms.  MS/BS  with  experi¬ 
ence  is  minimum  requirement. 
Contact  iobs@bauercontrols 
.com.  EOE. 


Chief  Information  Officer 
for  a  medical  transport 
software  facility  in  San 
Diego.  Must  have  a  de¬ 
gree  BSc  in  computer  soft¬ 
ware  engineering  or  equiv¬ 
alent  &  relevant  industry  & 
CIO  experience.  Send  res¬ 
ume  to  Golden  Hour  Data 
Systems,  Inc.,  312  South 
Cedros  Ave.,  Solana 
Beach,  CA  92075  or  email 
humanresources@aolden 

hourdata.com. 


Want  a  new 
IT  career? 


Check  out  our  jobs 


in  the  combined 


CareerJournal.com 


database. 


www.itcareers.com 


Software  Engineer  sought  by 
company  that  provides  network 
computing  storage  in  Louisville, 
CO  to  work  in  Louisville  and 
other  unanticipated  job  sites  in 
the  US.  Develop  and  implement 
unit  and  system  level  manufac¬ 
turing  software,  process  and 
methods  in  the  tape  advanced 
manufacturing  engineering  divi¬ 
sion  for  a  company  that  manu¬ 
factures  computer  storage 
devices.  Using  Oracle  database 
development  and  application 
development  tools,  develop 
parametric  software  for  tape  per¬ 
formance  testing.  Using  Oracle 
tools  including  reporting  tools, 
Developer  2000,  and  Reports 
2.5,  as  well  as  Pro-C  and 
PL/SQL  in  a  Unix  environment, 
design,  implement,  maintain  and 
oversee  backup  recovery 
through  Oracle  database  admin¬ 
istration.  Use  test  data  obtained 
by  engineering  staff  to  create 
statistical  charts  to  show  perfor¬ 
mance  of  and  to  analyze  test 
data  for  tape  drives.  Requires  3 
yrs  as  a  software  engineer, 
including  at  least  2  years  as  a 
developer  on  Oracle  databases. 
Working  knowledge  of  Unix, 
Pro-C,  PL/SQL  and  Oracle  tools 
including  reporting  tools.  Deve¬ 
loper  2000  and  Reports  2.5. 
8am-5pm,  M-F;  $71,807.65/yr. 
Respond  by  resume  to 
Employment  Programs,  PO  Box 
46547,  Denver,  CO  80202  and 
refer  to  CO5081813. 


Jr.  Programmers,  Programmers, 
Software  Engineers  &  DBAs: 
Analyze,  design  &  develop  spe¬ 
cialized  apps.  in  (a)  Oracle, 
Erwin,  Informix,  Delphi,  Toad, 
Borland  &  rel.  tools;  (b)  Clarify  & 
rel.  tech.,  Clear  Basic,  VB,  SQL 
Server,  Access,  Oracle,  Java  & 
rel.  tools;  (c)  IBM  iSeries  -  ILE 
RPG  CLP/400,  COBOL/400  with 
case  tools  PROGEN,  CRM/400, 
SMART/400;  (d)  Visual  C++, 
TCP/IP,  Bounds  Checker, 
Olectra,  SQL  server  &  rel.  tools; 
(e)  MS. Net  technologies,  MIS, 
IIS,  SQL  Server,  Commerce 
Server  2000;  (f)  Oracle 

Apps./DBA  -  Erwin,  DB  Artisan. 
Unicenter  DBA,  TOAD,  Oracle  & 
rel,  tools;  (g)  MS. Net  technolo¬ 
gies.  Citrix,  Sybase,  C,  Lotus 
Notes,  Oracle  &  rel.  tech.  Send 
resume  to  STS,  Inc.,  HR,  2021 
Fox  Valley  Drive  SW,  Rochester, 
MN  55902,  identifying  interest¬ 
ed  position(s).  EOE. 


Architect/Lead  wanted  by 
electronic  license  manage¬ 
ment  services  co.  Requires 
B.S.  in  Comp.  Sci,  plus  8 
yrs.  exp.  Reply  by  resume 
to  Open  Channel  Solutions, 
Attn:  HR,  1400  Providence 
Highway,  Norwood,  MA 
02062. 


PeopleSoft 

Programmer 

2  yrs.  technical  exp.  in 
PeopleSoft,  Develop  inter¬ 
faces/reports  using  People 
Tools.  PeopleCode  on 
HRMS/FIn/Distrib  modules. 
BS  (Computer  Science)  or 
equiv.  pref.  Mail  resumes: 

Navo  Systems 
1 506  Providence  Hwy  #  29 
Norwood,  MA  02062 


Software  Engineer:  Multiple  op¬ 
enings  Develop,  analyze,  main¬ 
tain  software  applications  using 
C#,  ASp.Net,  ASP,  XML/XSLT, 
XPath,  Visual  Studio,  SQL  Ser¬ 
ver,  Java,  J2EE,  HTML,  EJB, 
Javascript,  UNIX,  Oracle,  etc 
provide  software  support, sys¬ 
tems  re-engineering,  database 
re-design.  Salary:  $86,200/yr. 
Must  have  Master's  Degree  or 
foreign  equiv.  in  Computer  Sc./ 
Engineering/Math  or  equiv.  and 
2  to  4  yrs  of  exp.  in  job  offered  or 
related  job  as  Programmer/Sys¬ 
tems  Analyst/Developer.  Send 
resume  to  Job  Order  #2004- 
211/212/213,  P.O.  Box  989, 
Concord,  NH  03302-0989. 

Programmer/Systems  Analyst: 
Multiple  Openings  Develop,  an¬ 
alyze,  maintain  software  appli¬ 
cations  using  ASP,  XML/XSLT, 
SQL  Server,  Java,  J2EE,  HTML. 
EJB,  Javascript,  UNIX,  Oracle, 
etc.  provide  software  support, 
systems  re-engineering,  data¬ 
base  re-design.  Salary:  $80,900/ 
yr.  Must  have  Master's  Degree 
or  foreign  equiv.  in  Computer 
Sc./  Engineering/Technology  or 
equiv.  and  2  yrs  of  exp.  in  job 
offered  Send  resume  to  Job 
Order  #2004-333/666,  Box  989, 
Concord,  NH  03302-0989. 


COMPUTER  PROFESSIONALS 
Opportunities  for: 

•  SYSTEMS/BUSINESS/ 
PROGRAMMER  ANALYSTS 

•  PROCESS  CAPABILITY 
ANALYST 

•  QC  ANALYST 

•  WEB  ARCHITECTS/ 
DEVELOPERS 

•  SYSTEMS  ANALYSTS 

•  WEB  GRAPHIC  DESIGNERS 

•  NETWORK  ENGINEERS 

•  PROGRAMMER/ANALYSTS 

•  SOFTWARE  ENGINEERS 
SKILLS: 

•  COLD  FUSION  •  SPECTRA 

•  ORACLE  •  VISUAL  BASIC 

•  VISUAL  C++  •  SIEBEL  •  ASP 

•  COM,  DCOM  •  JSP  •  HTML 

•  JAVA.  JAVA  BEAN  •  EJB  JAVA 
SERVLETS  •  WEBSPHERE 

•  IBM  MQ  SERIES  •  XML.UML 

•  MTS  •  CLARIFY  •  PERL 

•  OBJECTPERL  •  SPYPERL 

•  SMALLTALK  •  PL/SQL 

•  VISUAL  AGE  •  COBOL,  SPL, 
UNIX 

Visit  our  website  @ 
www.computerhorizons.com 
Attractive  salaries  and  benefits. 
Please  forward  your  resume  to: 
H.R.  Mgr,,  Computer  Horizons 
Corp.,  49  Old  Bloomfield 
Avenue,  Mountain  Lakes,  New 
Jersey  07046-1495.  Call 
973-299-4000.  E-mail:  jobs@ 
computerhorizons.com.  An 
Equal  Opportunity  Employer  M/F. 


SAP  Consultants/Software 
Engineers  needed.  Sev.  posi¬ 
tions  available  for  candidates 
possessing  MS/BS  or  equiva¬ 
lent  and/or  relevant  work 
experience.  Part  of  the  req. 
rel.  exp.  must  include  either  2 
yrs.  with  SAP  and  ABAP/4  or 
3  yrs.  with  SAP.  Mail  resume, 
references  and  salary  require¬ 
ments  to:  Seal  Consulting, 
Inc.,  101  Fieldcrest  Avenue, 
Raritan  Plaza  III,  Edison,  NJ 
08837. 


Systems  Analyst  sought  by 
Computer  Consulting  Co. 
Bachelor's  in  Comp  Sci  or 
Eng,  or  foreign  equivalent, 
or  a  combination  of  educa¬ 
tion  and  work  exp.  equal  to 
a  U.S.  Bachelor's  degree, 
plus  2  yrs,  exp.  inc.  ERWin 
and  Teradata  are  required. 
Resumes  to  UPP  Business 
Systems,  3075  Highland 
Pkwy  #730,  Downers 
Grove,  IL  60515. 


n SUCCESS 

join  the  $300  BILLION 

COMPUTER  SERVICE  RUSINESS. 

Find  out  how  you  can  invest  in  one  of 
Entrepreneur  Magazine's  “HOT  100 
Franchises”,  and  in  a  Franchise  7/mes 
“FAST  55”  company  Single,  Multi-Units 
and  Area  Development 
Opportunities  are  now  available. 
For  more  information  call 

or  visit  us  at  (ext  307) 

geeksoncall.com 


©Geeks  On  Call  America,  Inc. 


Software  Engineers:  Consult¬ 
ants  needed  for  database  pro¬ 
gramming,  Internet  program¬ 
ming  or  Systems  side  program¬ 
ming.  Will  help  clients  design, 
develop,  program,  and  test  soft¬ 
ware  implemented  on  client 
server  technology.  The  main 
technologies  involved  are  data¬ 
bases  (Oracle),  datawarehous¬ 
ing  tools  (Business  objects. 
Informatica,  Cognos),  and 
Internet  programming  lan¬ 
guages  (Java,  JDBC)  or  System 
programming  languages  (C  and 
C++).  Must  5  yrs.  exp.  as  soft¬ 
ware  engineer  or  in  a  related 
field. 

Unix  Administrators:  Consult¬ 
ants  also  needed  for  network 
implementation  and  administra¬ 
tion.  system  integration,  back¬ 
up,  and  recoveries,  shell  script¬ 
ing  and  system  securities 
Knowledge  of  management  of 
enterprise  network  storages 
devices  (SAN  and  NAS),  HP 
and  Solaris  Serves.  Swithches, 
HUBS  and  in  Veritas  Neb- 
Backup  Systems.  5  yrs.  expe¬ 
rience  as  Unix  Systems 
Administrator  or  related  field. 

Req.  for  both  positions:  Clients 
are  located  in  9  states. 
Candidates  must  be  willing  to 
move  from  location  to  location 
for  assignment  durations  that 
varies  from  3  mos.  to  year. 
Email  CV  to  rtroff@tnscinc.com, 
Rona  Troff,  HR  Mgr  of 
TechNation  Software  Consul¬ 
ting,  Inc.,  or  mail  to  300  N. 
Dakota  Avenue.  #505B,  Sioux 
Falls,  SD  57104. 


•"Software  Engineer*** 

Disclosure  Source  is  one  of  the 
Fidelity  National  Financial  com¬ 
panies  which  provide  real  estate 
hazard,  risk,  value,  insurability, 
title  and  other  automated  report 
services  to  customers  over  the 
Internet.  DS  seeks  a  Software 
Engineer  to  develop/implement/ 
support  program  components 
for  applications,  servers  and 
databases;  update  source  code 
via  remote  access;  monitor/trou¬ 
bleshoot  performance.  Reqd 
experience  to  include  Windows 
multi-tier  environment,  SQL  Ser¬ 
ver.  COM/DCOM,  XML,  ASP, 
ERWin,  VS  Enterprise,  and  real- 
estate  industry  IT.  May  work 
from  home,  anywhere  in  U.S. 
(phone/modem  expenses  reim¬ 
bursed).  Principals  only.  Must  be 
authorized  to  work  in  U.S.  w/out 
employer  sponsorship.  Mail  or 
FAX  resume  to:  A.  Manvelyan 
/ Re:  SM,  Disclosure  Source, 
3100  New  York  Drive  #100, 
Pasadena  CA  91107.  Fax  626- 
345-2334.  EOE 


Web  Content  Specialist  - 
Candidates  will  assist  in  the 
analysis,  design,  development, 
preparation  and  maintenance  on 
client  web  sites  and  applica¬ 
tions;  Work  in  conjunction  with 
clients  to  maintain  and  update 
content  contained  on  their  web 
sites;  Responsible  for  maintain¬ 
ing,  managing  and  enhancing 
search  engine  rankings  through 
the  use  of  registration  and  orga¬ 
nizational  tools;  Utilize  HTML 
editing  skills  in  the  maintenance 
of  client  sites;  Utilize  file  trans¬ 
ferring  techniques  and  web  site 
content  management  skills  in 
the  development  and  mainte¬ 
nance  of  client  sites;  Identifying 
and  assessing  areas  of  client 
sites  requiring  content  updates; 
Work  with  clients  to  identify  new 
opportunities  for  content  cre¬ 
ation.  High  School  is  required. 
Applicants  must  have  one  year 
training  in  Windows,  HTML, 
Microsoft  Office  and  Desktop 
Publishing.  40  Hrs./wk.  (9:00 
A.M  to  5:00  P.M.);  $35,000.00 
per  year.  Located  in  Wilmette, 
Illinois.  Applicants  must  show 
proof  of  legal  authority  to  work  in 
the  U.S.  Send  resumes  to  ILLI¬ 
NOIS  DEPARTMENT  OF 
EMPLOYMENT  SECURITY,  401 
South  State  Street  -  7  North. 
Chicago,  Illinois  60605.  Atten¬ 
tion:  Brenda  Kelly.  Reference  # 
V-IL  35585-K.  AN  EMPLOYER 
PAID  AD.  NO  CALLS  -  SEND  2 
COPIES  OF  BOTH  RESUME 
AND  COVER  LETTER. 


IT  Operations  Manager 

Java  Developer  reqd  to  contin¬ 
ue  ongoing  dvlpmt  &  mgmt  of 
CLEC's  Workflow  &  Communi¬ 
cation  Systems.  BS  or  BE  in 
Communication  Engg  or  Comp 
Sci  &  min  3  yrs  exp  in  following 
skills:  Object  Oriented  Analysis 
&  Design,  Java  1.4(J2SE), 
J2EE  1.4  dvlpmt  (EJB,  Serv¬ 
lets,  JSP,  MVC),  Orion  Appli¬ 
cation  Server,  Dbase  Dvlpmt 
(MS-SQL.  SQL/PL-SQL,  My¬ 
SQL),  Advanced  HTML,  Java 
Script  &  XML,  Peri.  Unix  Script¬ 
ing.  Must  have  6  mos-lyr  exp 
with:  TCP/IP  protocols,  Phone 
&  Voicemail  systems,  Envox 
Applications  Server,  Envox 
Studio  &  Java  RMI  &  CORBA 
9-6,  40hr/wk.  Mail  resume  to: 
Mr.  Fred  J.  Tips  III,  Carrera 
Communications.  L.P,  211-A 
Brooklyn  Ave.,  San  Antonio,  TX 
78215.  E-mail  resumes  to: 
careers@callcarrera.com. 


Senior  Consultant 

(Glen  Mills,  PA  and  other  loca¬ 
tions  throughout  the  United 
States).  Analyze,  design,  devel¬ 
op  and  implement  procurement 
practices  and  strategic  sourcing 
solutions  based  on  the 
Frictionless  Commerce  Sourc¬ 
ing  (FCS)  or  Ariba  Enterprise 
Spend  Management  (ESM) 
solution  platforms  for  business 
clients.  Design  and  develop 
supporting  databases  and  appli¬ 
cations  to  facilitate  data  analysis 
and  modeling  for  use  by  FCS  or 
ESM  systems.  Responsible  for 
configuring  and  loading  the 
technological  environment  to 
support  the  client's  procurement 
and  sourcing  organization. 
Perform  in-depth  analysis  of  a 
client's  existing  sourcing  and 
procurement  process  to  identify 
complete  technological  require¬ 
ments,  infrastructure,  interfaces, 
and  conversion  needs.  Resp¬ 
onsible  for  developing  the  sup¬ 
porting  business  case  to  imple¬ 
ment  new  business  processes 
and  application  redesign,  devel¬ 
oping  components  of  plan  deliv¬ 
erables  and  applying  best  prac¬ 
tices  to  the  new  design. 

The  wage  offered  is 
$80,421/year.  The  work  sched¬ 
ule  is  Monday-Friday  9:00am- 
5:00pm.  The  minimum  require¬ 
ments  are  as  follows:  Bachelor's 
degree  in  Computer  Science, 
Engineering  (any),  Math.  Bus¬ 
iness  Administration,  Inform¬ 
ation  Technology  or  Manage¬ 
ment  (any)  +  3  years  experience 
in  the  job  offered  or  3  years 
experience  as  a  Consultant, 
Procurement  &  Sourcing  Tech¬ 
nologist,  or  Application  Dev¬ 
eloper.  Related  experience 
must  include  at  least  six  months 
of  Procurement  practices  and 
strategic  sourcing  solutions 
including  category  analysis, 
industry  best  practices,  technol¬ 
ogy  evaluation,  and  process 
redesign;  Frictionless  Comm¬ 
erce  Sourcing  (FCM)  solution 
platforms;  Ariba  Enterprise 
Spend  Management  (ESM) 
solution;  and  developing  and 
configuring  FCS  &  ESM  applica¬ 
tions  for  clients. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB 
428031  to  the:  PA  CareerLink, 
FLC  Unit,  235  W  Chelten  Ave  , 
Philadelphia,  PA  19144.  EOE. 
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Director  Softw.  Develop.  -  Direct 
dev./maint.  of  financ.  trans.  pro¬ 
cess  syst.  direct  procur./dev.  of 
softw/hardw  syst.;  dev.  specs/ 
req'mts;  trans.  specs/req  mts  to 
design  elem./data  schema;  use 
dBBApps/MS  SQL/C#/ASPNET 
&  others  to  impl,  syst.;  direct 
syst  /user  test;  direct  tech,  op.; 
hardw.  config.  for  host,  syst.;  di¬ 
rect  provision,  serv./hardw.,  SQL 
data.,  web  host/netwk  config.; 
direct  app  growth;  supervise 
Engineers.  Master's  or  equiv. 
Comp.  Sci.,  Engin.,  or  related 
req'd.  Bachelor's  Comp.  Sci., 
Engin.,  related  or  acad.  equiv.  + 
5  yrs  progress,  exp.  in  softw. 
engin.  subs  for  Master's  req'mt. 
Must  be  proficient  in  dBBApps/ 
MS  SQL/C#/ASP.  NET.  Competi¬ 
tive  salary,  40  hrs/wk,  OT  as 
need  Send  resume;  J.  Hayes. 
FTS,  1  Meca  Way.  Norcross,  GA 
30083. 


IT  Careers 

Director  of  Merger/Acquisi¬ 
tion  Integration  -  Western  New 
York  based  manufacturing  com¬ 
pany  seeking  top  quality  candi¬ 
date  requires  BS,  MBA  pre¬ 
ferred.  10+  years  exp  with  merg¬ 
ers  &  acquisition  integration  ex¬ 
perience  essential  to  include 
assessment,  business  case  de¬ 
velopment,  planning  &  plan  exe¬ 
cution  to  include:  Networks,  ser¬ 
vers,  software  implementation 
(oracle  1 1  i,  SAP,  etc.)  Excellent 
understanding  of  manufacturing 
financial,  engineering,  and  HR 
applications.  Travel  required. 
Salary  D.O.E.,  Excellent  client 
benefits.  Respond  to  Personnel 
Resource,  Inc.  via  email 
prinorth@perresource.com 
Or  fax  716-633-6779. 


BCC  USA  Inc.  -  Portland, 
Maine  needs  experienced 
Programmer  Analysts  hav¬ 
ing  a  Bachelors  degree  with 
minimum  two  years  of  pro¬ 
gressive  work  experience  in 
RUP/UML,  JAVA,  J2EE, 
EJB.  JMS,  Enterprise  Mes¬ 
saging,  IBM  MQSeries  and 
CORBA.  Competitive  salary 
and  benefits.  M-F,  40  hours/ 
week.  Please  mail  your 
resume  to  BCC  USA  Inc., 
HR  Department,  650  Main 
Street,  Suite  201,  South 
Portland,  ME  04106. 


Rock-Tenn  Company,  national 
paperboard  and  paperboard 
products  manufacturer,  is  seek¬ 
ing  qualified,  degreed  applicants 
with  relevant  experience  as  a 
software  development  team/pro¬ 
ject  leader  and  familiarity  with 
AS/400  and  RPG  to  work  in  our 
Atlanta,  Ga.  office  in  the  position 
of  Chief  Systems  Analyst/Pro¬ 
grammer.  Interested  applicants, 
e-mail  resume  and  cover  letter 
to  jremling@rocktenn.com  or 
mail  to  Jennifer  Remling,  Rock- 
Tenn  Company,  504  Thrasher 
Street,  Norcross,  GA  30071  or 
fax  to  (678)  291-7575.  EOE. 


PROGRAMMER  ANALYSTS 
for  Cincinnati,  OH  office.  De¬ 
sign  &  Develop  software  appli¬ 
cations  using  Oracle,  VB,  De¬ 
veloper  2000,  Designer  2000, 
DB2,  Java,  XML,  UML,  Cool- 
gen,  Interwoven  Bachelors  or 
Equivalent  req'd  in  Computers, 
Engineering,  Math  or  any  relat¬ 
ed  field  of  study  +  2  yrs  of  relat¬ 
ed  exp.  40  hrs/wk.  Must  have 
legal  authority  to  work  perma¬ 
nently  in  the  U  S.  Contact  HR 
Manager.  Downtown  Property 
Management,  Inc.,  8322  Arbor- 
crest  Dr,  Cincinnati.  OH  45236. 


Employment  Opportunities! 
Friendly  Consultants,  Inc  has  open¬ 
ings  for  locations  nationwide  for 
computer  professionals  experi¬ 
enced  in  systems  and/or  manage¬ 
ment  analysis,  systems  design, 
data  modeling,  networks  integration 
and  e-commerce  ap-plications  with 
hardware  and/or  software  skills 
including:  Java,  Magnax,  VB.  ASP, 
Crystal  Reports.  Oracle.  SQL/PL/ 
SQL,  Power  Builder,  COBOL, 
CICS,  VSAM.DB2,  Seer  HPS.Win 
NT,  Unix,  C,  C++.  Linux,  TCP/IP. 
PERL,  Intemet/lntranet.  SAP, 
PeopleSoft,  XML,  Testing.  Jun-ior 
level  positions  require  bachelors 
plus  1-3  years  of  experience. 
Senior  level  positions  require  bach¬ 
elors  +  5  years  experience  or 
Master’s  +  2  years  of  experience. 
Relocation  and/or  travel  possible. 
Top  $.  Send  resume  to  HR  Dept  at: 
55  Princeton  Hightstown  Road, 
Suite  205B,  Princeton  Junction,  NJ 
08550  or  email  to: 
hrd@friendlyconsultants.com. 


SYSTEMS  ANALYST 

Analyzes  user  requirements, 
procedures  and  problems  to 
automate  processing  or  to 
improve  existing  computer  sys¬ 
tems.  Extensive  Travel  in¬ 
volved.  Bachelor's  Degree  in 
Computer  Science,  Engineer¬ 
ing,  or  math-related  and  10 
months  experience  required  in 
job  offered  or  in  analysis, 
design  development  and  imple¬ 
mentation  of  various  I.T.  appli¬ 
cation  required.  Included  in  the 
10  month's  job  exp.  Java  2.0, 
Servlets,  JSP,  RMI,  EJB. 
OOAD  with  rational  Rose, 
UML,  XML,  XSL,  XLINK, 
Dreamweaver,  Net  Dynamics, 
Cold  Fusion,  WebLogic,  Web¬ 
Sphere  reqd.  Apply  by  resume 
only  to  Murali  Suddala, 
President,  Capricorn  Systems, 
Inc.,  3569  Habersham-at- 
Northlake,  Building  K,  Tucker, 
GA  30084. 


BCC  USA  Inc.  -  Portland, 
Maine  needs  experienced 
Programmer  Analysts  hav¬ 
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BackSpin  Mark  Gibbs 


Arming  the  guards 

o 


nline  security  is  on  everyone’s 
minds  these  days  and  for  a 
good  reason:This  ain’t  your 
father’s  Internet  anymore. 

If  I  had  to  compare  the  Internet  to 
a  city  I  would  choose  Los  Angeles. 
This  is  because  L. A., even  to  the  most 
jaundiced  palette,  is  weird. 

L.A.  is  made  up  of  lots  of  separate  areas  —  clusters 
of  industrial  zones,  clumps  of  “power”  architecture 
buildings  for  Fortune  1000  companies,  a  few  really 
wealthy  neighborhoods,  loads  of  strip  malls  and  a 
seemingly  endless  sea  of  suburbia.  And  the  whole 
mess  goes  on  forever. 

To  beat  the  analogy  to  death,  on  the  Internet  each 
of  these  areas  corresponds  to  the  registrars/ISPs/ 
infrastructure  organizations,  the  big  online  busi¬ 
nesses,  the  small  online  businesses  and  the  mil¬ 
lions  of  consumers.  And  just  as  L.A.  swims  through 
a  miasma  of  air  pollution,  everyone  on  the  ’Net  is 
bathed  in  a  fog  of  spam. 

In  L. A.,  just  as  on  the  ’Net,  there  are  huge  opportu¬ 
nities.  But  there  are  also  huge  risks  and,  unlike  L.A., 
there’s  no  real  police  force.  So  if  there  is  no  effective 
law  enforcement  and,  indeed,  hardly  any  laws  that 
can  be  enforced,  what  do  you  do? 

You  could  rely  on  the  company  that  built  your 
dwelling  to  deliver  a  safe, sturdy  structure,  but  we 


have  learned  the  hard  way  that  certain  construction 
companies  have  neglected  to  put  catches  on  the 
Windows  or  have  installed  faulty  locks. 

You  can  add  all  sorts  of  extra  protections  and,  if 
you  are  really  serious  about  security, you  could  post 
a  security  guard.  But  should  the  guard  be  armed? 

In  the  real  world  it  might  seem  like  a  good  idea  to 
give  your  rent-a-cop  a  big  noisy  gun,  but  in  L.A.  it  is 
common  wisdom  that  if  you  shoot  someone  you 
must  ensure  that  a)  it  is  the  right  someone  and  b) 
you  shoot  them  dead. 

Apparently  in  California  should  you  wound  and/or 
incapacitate  someone  in  self-defense  you  might  be 
sued  even  if  he  was  on  your  property,  in  your  bed¬ 
room  in  the  middle  of  the  night  and  wearing  a  stock¬ 
ing  over  his  head.  Go  figure.  In  Texas  I  understand 
that  such  intruders  are  considered  fair  game  and  if 
you  don’t  kill  them  the  authorities  will  take  them 
away  and  do  it  for  you.  But  I  digress  . . . 

On  the  ’Net  the  guards  are  firewalls  and  intrusion- 
detection  systems  (IDS).  But  I  just  read  about  an  IDS 
that  effectively  gives  your  guard  some  serious  weap¬ 
onry  The  product,  from  Symbiot,  is  called  iSIMs.The 
basic  features  of  iSIMs  are  way  cool  and  include 
what  the  company  calls  Graduated  Response  —  a 
selection  of  standard  countermeasures  that  include 
techniques  such  as  traffic  blocking,  rate-limiting, 
honey  pots,  simulated  responses  and  quarantining. 


So  far, so  good. 

But  things  get  a  little  iffy  in  the  features  that  provide 
what  are  essentially  “black  hat”  techniques  such  as 
Reflection  (sending  attackers’  packets  back  at  them), 
Invasive  Techniques  (“obtaining  access  privileges  on 
the  attacker’s  system,  and  then  pursuing  a  strategy  of 
disabling,  destroying  or  seizing  control  over  the 
attacking  assets”)  and  Counterstrikes  (“sending 
exploits  and  other  attacks  which  are  specific  to  vul¬ 
nerabilities  on  the  attacker’s  system”). Symbiot 
explains, “This  retaliation  could  be  far  in  excess  of  the 
attack  that  the  aggressor  has  underway 

Symbiot  also  notes  that  it  is  “evaluating  the  legal 
aspects  of  these  more  aggressive  countermeasures” 
and  that  it  plans  to  provide  these  features  only  for 
“authorized  deployments” —  whatever  that  means. 

I  suspect  that  more  than  a  few  of  you  are  muttering 
“let  me  at  it!”  While  the  John  Wayne  impulse  is  ap¬ 
pealing,  we  have  to  be  careful.  For  example,  what 
happens  when  you  make  a  mistake?  You  go  to  shoot 
the  intruder  and  miss  and  the  bullet  goes  through 
the  window  and  wipes  out  a  neighbor? 

And  what  happens  when  you  don’t  kill  intruders 
and  they  turn  around  and  sue  you?  In  that  case 
you’d  better  hope  the  Internet  is  more  like  Texas  and 
less  like  L.A. 

Geographic  analogies  to  backspin@gibbs.com. 
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Grabbing  Google's  coattails 

“Admittedly,  you  can  do  a  lot  with  $2.7 
billion,”  says  Chris  Cleveland,  CEO  at 
Dieselpoint,  a  tiny  enterprise  search 
company  based  in  Chicago.The  “you”  he 
speaks  of  is  Google,  his  industry's  800-pound  gorilla  whose  upcoming  stock 
offering  has  single-handedly  rekindled  IPO  fever  in  the  tech  sector. 

Cleveland  isn't  fazed.  In  fact,  he’s  ecstatic  about  the  coattails  effect  that 
Google-mania  has  created  for  small  search  companies  such  as  his  own. 
Moreover,  he  doesn't  think  much  of  Google's  current  enterprise  search  offering 
—  Google  Search  Appliance  —  or  the  company's  prospects  for  parlaying  its 
mind-share  dominance  of  consumer  search  into  enterprise  success. 

He  may  be  whistling  past  the  graveyard,  but  it’s  an  unmistakably  happy  tune. 

"[Google's  IPO]  has  certainly  raised  the  profile  of  search  generally,”  Cleveland 
says.  "People  who  need  better  search  on  their  Web  sites  are  starting  to  make 
calls,  and  they’re  starting  to  buy  things  from  us.The  first  quarter  of  this  year  we 
did  better  than  we  did  during  all  of  last  year.  And  this  quarter  we  will  double  our 
first  quarter.” 

He  declined  to  put  dollar  amounts  on  all  that  doubling  and  redoubling 
because  Dieselpoint  is  a  private  company.  But  he  points  to  the  likes  of  cus¬ 
tomers  McGraw-Hill  and  Sony  as  validation  that  his  all-Java  search  product  is 
gaining  steam  with  enterprise  customers. 

The  company  and  others  of  its  ilk  also  are  being  propositioned  by  players  in  the 
investment  community  who  see  Google’s  IPO  as  a  leading  wave. 

“We  weren’t  getting  any  [calls]  even  a  year  ago;  nobody  was  interested,” 
Cleveland  says.  “It  was  the  aftermath  of  the  crash  —  still.  But  now,  people  are 
getting  interested.” 

He’s  had  money  types  estimate  the  value  of  Dieselpoint  at  10  times  what  he  had 
envisioned.  He's  not  looking  to  sell  but  acknowledges  chatting  up  a  few  competi- 
■ors  in  enterprise  search  about  possible  alliances.The  market  segment  includes 


Endeca,  Autonomy,  Verity,  Fast  Search  &Transfer  and  Convera. 

As  for  the  gorilla's  Google  Search  Appliance?  Cleveland  says  it  has  a  lot  of 
bulking  up  to  do. 

"They  are  selling  it  based  on  their  brand  name  —  it’s  a  great  brand  name  —  and 
on  the  pitch  that  it’s  easy  to  use,  which  it  is  generally,”  Cleveland  says.  “But  it  just 
doesn't  do  the  job.  There  are  a  lot  of  other  players  who  are  doing  better  in  enter¬ 
prise  search,  because  it's  a  different  problem,  it's  a  different  set  of  technical  chal¬ 
lenges  that  you  have  to  solve. 

“One  of  the  big  differences  is  that  Google  gets  great  relevance  ranking  from 
the  links,  which  generally  don’t  exist  on  an  intranet.The  other  big  thing  is  that 
documents  on  an  intranet,  databases,  XML,  whatnot,  have  a  lot  of  structure  to 
them  and  you  need  to  be  able  to  exploit  that  structure,  which  is  what  we  do.  We 
categorize,  we  build  menus,  we  make  suggestions  based  on  our  knowledge  of 
metadata.  Google  doesn’t  do  any  of  that  stuff,”  he  says. 

But  as  the  man  noted,  you  can  do  a  lot  with  $2.7  billion. 

Bush  vs.  Kerry  at  Meetup.com 

Debate  over  the  impact  of  the  'Net  on  national  politics  continues,  with  some 
seeing  the  Howard  Dean  phenomenon  as  evidence  of  its  preeminence  and  others 
seeing  Dean's  failure  as  another  bubble  burst.  Whatever  the  case,  no  politician 
takes  the  Web  lightly  anymore,  which  makes  interesting  a  report  from  Meetup 
about  the  number  of  in-person  forums  for  the  presidential  contenders  that  have 
been  organized  through  its  site. 

LastThursday  alone,  there  were  43  local  meetings  organized  nationwide  in 
behalf  of  President  Bush,  and  617  for  his  Democratic  challenger,  Sen.  John  Kerry. 

Make  of  those  numbers  what  you  will,  but  they  cannot  be  seen  as  good  news  for 
Bush  in  a  campaign  that  experts  say  will  hinge  largely  on  each  camp’s  ability  to 
mobilize  its  base. 

Got  a  Google  anecdote  of  your  own?  The  address  is  buzz@nww.com. 
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HP  ProCurve  Networking  delivers 
what  businesses  demand. 

That’s  why  more  and  more  businesses 
demand  HP  ProCurve  Networking. 


HP  ProCurve  holds  the  number  2  position  in  the  market.*  And  that’s  because  we  give  businesses  what 
they  need:  Secure,  mobile,  multiservice  networks  that  are  as  affordable  as  they  are  performance, 
driven.  Standards-based  solutions  that  reduce  complexity  and  provide  scalable  growth.  A  lifetime 
warranty**  software  updates,  phone  and  Web  support.  All  with  the  level  of  reliability  people  hgve 
come  to  expect  from  HR  When  businesses  demand  more,  HP  ProCurve  delivers.  / ; '  ’ 


The  right  management  can  put  you  in  control  of  your  infrastructure, 
not  the  other  way  around. 

Unicenter  Infrastructure  Management  Software 

So  long,  mayhem.  Managing  on-demand  computing  is  here.  Unicenter  infrastructure  management  software  lets  you  take  control 
of  your  infrastructure  so  you  can  be  more  responsive  to  business.  With  automation  and  self-healing  capabilities  Unicenter  can 
help  control  costs  and  empower  you  to  do  more  with  less.  Unicenter  also  lets  your  infrastructure  react  to  changes  in  real  time, 
so  your  IT  and  business  priorities  are  always  in  sync.  Finally,  it  is  based  upon  a  service-oriented  architecture  that  simplifies 
your  IT  environment,  so  your  infrastructure  is  easier  to  manage.  To  learn  how  to  get  more  value  out  of  your  infrastructure, 
or  to  get  a  white  paper,  go  to  ca.com/infrastructure. 
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